49290f83b42d99c5314f8bf07479509cc69fbf20586c1e5826fc739e6ad0889a | Triage

Submit
Reports

Overview

overview

Static

static

a46aab76

ubuntu-22.04-amd64

4

chme

ubuntu-22.04-amd64

4

isots

ubuntu-24.04-amd64

6

mctes

ubuntu-18.04-amd64

1

mswc

ubuntu-24.04-amd64

1

netstat.gz

windows7-x64

1

netstat.gz

windows10-2004-x64

1

blue_helper

ubuntu-20.04-amd64

kerndiacet

ubuntu-24.04-amd64

systemctl

ubuntu-24.04-amd64

3

uptime

ubuntu-22.04-amd64

3

w

ubuntu-22.04-amd64

3

node1

ubuntu-22.04-amd64

1

pasuspende

ubuntu-18.04-amd64

6

pasuspende

debian-9-armhf

6

pasuspende

debian-9-mips

6

pasuspende

debian-9-mipsel

6

systemctl

ubuntu-18.04-amd64

1

uptime

ubuntu-24.04-amd64

3

w

ubuntu-24.04-amd64

3

Analysis

max time kernel
0s
max time network
129s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
19/03/2025, 06:15

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a46aab76

Resource

ubuntu2204-amd64-20250307-en

ubuntu-22.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

chme

Resource

ubuntu2204-amd64-20250307-en

ubuntu-22.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

isots

Resource

ubuntu2404-amd64-20250307-en

ubuntu-24.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

mctes

Resource

ubuntu1804-amd64-20240729-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

mswc

Resource

ubuntu2404-amd64-20250307-en

ubuntu-24.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

netstat.gz

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

netstat.gz

Resource

win10v2004-20250314-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

blue_helper

Resource

ubuntu2004-amd64-20241127-en

xmrig_linux antivm discovery miner

ubuntu-20.04-amd64

8 signatures

150 seconds

Behavioral task

behavioral9

Sample

kerndiacet

Resource

ubuntu2404-amd64-20250307-en

xmrig_linux credential_access defense_evasion discovery execution miner privilege_escalation rootkit

ubuntu-24.04-amd64

14 signatures

150 seconds

Behavioral task

behavioral10

Sample

systemctl

Resource

ubuntu2404-amd64-20250307-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

uptime

Resource

ubuntu2204-amd64-20250307-en

ubuntu-22.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

w

Resource

ubuntu2204-amd64-20250307-en

ubuntu-22.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

node1

Resource

ubuntu2204-amd64-20250307-en

ubuntu-22.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

pasuspende

Resource

ubuntu1804-amd64-20240508-en

defense_evasion discovery privilege_escalation

ubuntu-18.04-amd64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

pasuspende

Resource

debian9-armhf-20240729-en

defense_evasion discovery privilege_escalation

debian-9-armhf

4 signatures

150 seconds

Behavioral task

behavioral16

Sample

pasuspende

Resource

debian9-mipsbe-20240611-en

defense_evasion discovery privilege_escalation

debian-9-mips

4 signatures

150 seconds

Behavioral task

behavioral17

Sample

pasuspende

Resource

debian9-mipsel-20240226-en

defense_evasion discovery privilege_escalation

debian-9-mipsel

4 signatures

150 seconds

Behavioral task

behavioral18

Sample

systemctl

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

uptime

Resource

ubuntu2404-amd64-20250307-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

w

Resource

ubuntu2404-amd64-20250307-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Report Analysis Logs

General

Target

systemctl
Size

1.3MB
MD5

d5462e5598d0598ed181b0e9d38ac9bc
SHA1

5c169bcaedbc1b809d794bda1afc2dab9e9e08f1
SHA256

f9cee6d2d8f5c66ce0676b46036866c416f349313260717fea13d4a62201792f
SHA512

44b4b9404861f769abcc25aeb5d3ae3f222b837115b4c837f95f8849ec6d82a45c2ea4f2b8c33f89d706890941f99ebe822c780e7591cb9cc8a0dae9502a6c69
SSDEEP

24576:5DsB7qCB0FwV8G10LzJYsN+m7QdXOA5K:S1q7FwqE0LzJYsN+m8dXr

Score

1^/10

Malware Config

Signatures

Processes

/tmp/systemctl
/tmp/systemctl
1⤵
PID:1499

/usr/local/sbin/sh
sh /dev/fd/3
1⤵
PID:1499

/usr/local/bin/sh
sh /dev/fd/3
1⤵
PID:1499

/usr/sbin/sh
sh /dev/fd/3
1⤵
PID:1499

/usr/bin/sh
sh /dev/fd/3
1⤵
PID:1499

/sbin/sh
sh /dev/fd/3
1⤵
PID:1499

/bin/sh
sh /dev/fd/3
1⤵
PID:1499
- /bin/grep
  grep -v "Server Service"
  2⤵
  PID:1502
- /usr/bin/mctes
  /usr/bin/mctes
  2⤵
  PID:1501

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy