Overview

overview

10

Static

static

10

wertg.exe

ubuntu-18.04-amd64

3

Resubmissions

04/12/2024, 22:48

241204-2q8lka1mam 10

04/12/2024, 22:47

241204-2qx5ts1lhk 10

04/12/2024, 22:43

241204-2nbtta1kfr 10

04/12/2024, 19:35

241204-yayvmstjbk 10

04/12/2024, 19:22

241204-x3b1xaxjf1 10

Analysis

  • max time kernel
    0s
  • max time network
    899s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    04/12/2024, 22:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    wertg.exe

  • Size

    652KB

  • MD5

    59db985c17a4ab06d3a0fbbb39ac045e

  • SHA1

    2622da604c4be6f2b8ad06cb2fa55d412ba53ece

  • SHA256

    9a065bd64cf7f9f4d1385bfd9df86325e03f8dd64d0a3af56cfd05a7b28c3247

  • SHA512

    8a0a2bb31c37ea27aeaa5f9b1e5f5ce3a42cecca8bdddb00b622bb722c4d7a2e36442b7c628d17629974676278aa0703e1088984599cf216eb2ff6e6a2f995a4

  • SSDEEP

    12288:n4/yrAlyQGlqrLFB8vT+RNinZ12sVNRgznu+Jbb0LrYsFPV0ZSYWaBfF+Nd5zKF:nMM4qskaNxm

Score
3/10
discovery

Malware Config

Signatures

  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • Writes file to tmp directory 16 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /usr/bin/apt
    apt install "wine;" wine /tmp/wertg.exe
    1⤵
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1475
    • /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      2⤵
      • Reads runtime system information
      PID:1476
    • /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      2⤵
      • Reads runtime system information
      PID:1477

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /tmp/fileutl.message.VmQwZB
          Filesize

          235KB

          MD5

          373fe2f2ef99005d2550a482f09a3e51

          SHA1

          68e6572b55b1e77f7d171ebac7b2579b7a6bd51d

          SHA256

          7552d5ab0c3879756a860aaab8e7c2f8ffb9409ea9ff9e65fc046ba5c519ebe5

          SHA512

          def9e854b824d2fddc6a15f898be73cfb679ac38563f5af854546f49c9d5d2316a40176dc41d6b360bda7b65de53863a53e4eedadf6336000b031b77a113607b

          Download Submit