Overview
overview
10Static
static
10void/0394b...43.exe
windows7-x64
3void/0394b...43.exe
windows10-2004-x64
3void/0aa21...0f.elf
ubuntu-24.04-amd64
1void/250bb...13.exe
windows7-x64
6void/250bb...13.exe
windows10-2004-x64
6void/257ff...b4.exe
windows7-x64
1void/257ff...b4.exe
windows10-2004-x64
8void/37208...92.elf
debian-9-mips
void/43958...0d.exe
windows7-x64
10void/43958...0d.exe
windows10-2004-x64
10void/469a3...1b.ps1
windows7-x64
10void/469a3...1b.ps1
windows10-2004-x64
10void/5a099...8b.exe
windows7-x64
1void/5a099...8b.exe
windows10-2004-x64
1void/72cb9...de.elf
ubuntu-22.04-amd64
10void/73055...90.exe
windows7-x64
3void/73055...90.exe
windows10-2004-x64
3การ�...��.exe
windows7-x64
8การ�...��.exe
windows10-2004-x64
8void/7ac64...d2.exe
windows7-x64
1void/7ac64...d2.exe
windows10-2004-x64
8void/7b380...cc.dmg
macos-10.15-amd64
1Brew/Brew
macos-10.15-amd64
4void/7dec8...a.html
windows7-x64
3void/7dec8...a.html
windows10-2004-x64
4void/80e6e...e3.exe
windows7-x64
3void/80e6e...e3.exe
windows10-2004-x64
3void/82231...6b.exe
windows7-x64
1void/82231...6b.exe
windows10-2004-x64
8void/8732e...71.exe
windows7-x64
1void/8732e...71.exe
windows10-2004-x64
8void/8c55a...97.elf
debian-12-mipsel
7Analysis
-
max time kernel
149s -
max time network
168s -
platform
debian-12_mipsel -
resource
debian12-mipsel-20240729-en -
resource tags
arch:mipselimage:debian12-mipsel-20240729-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem -
submitted
20/03/2025, 20:20
Behavioral task
behavioral1
Sample
void/0394b475234ecc6f752ecdd9f7e5ea28cebe404e5db6a8cf2f9019915c4ddf43.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral2
Sample
void/0394b475234ecc6f752ecdd9f7e5ea28cebe404e5db6a8cf2f9019915c4ddf43.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
void/0aa210086ab837dea1a26dd45a661f7f78ea90d243c6fad74cd4772325bff20f.elf
Resource
ubuntu2404-amd64-20250307-en
ubuntu-24.04-amd64
Behavioral task
behavioral4
Sample
void/250bb552893533d2e47ca18faa6f3026495d47bae799046c07749726f2f9c213.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral5
Sample
void/250bb552893533d2e47ca18faa6f3026495d47bae799046c07749726f2f9c213.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral6
Sample
void/257ffa778469d570082f7cfff1ad199a9bffffc278e9c012bea17d02393b95b4.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral7
Sample
void/257ffa778469d570082f7cfff1ad199a9bffffc278e9c012bea17d02393b95b4.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral8
Sample
void/3720875269fee71bfa7b07171bc78dfedddd95d32ecf5bd7f2ade07035c25e92.elf
Resource
debian9-mipsbe-20240611-en
debian-9-mips
Behavioral task
behavioral9
Sample
void/43958be574c6a890961e38fa91710b15261d9b388d08c2b899219886f2ab710d.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral10
Sample
void/43958be574c6a890961e38fa91710b15261d9b388d08c2b899219886f2ab710d.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
void/469a30082aeff1c7367a5c98d83d4230947500771e86738903a026859f870f1b.ps1
Resource
win7-20250207-en
windows7-x64
Behavioral task
behavioral12
Sample
void/469a30082aeff1c7367a5c98d83d4230947500771e86738903a026859f870f1b.ps1
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
void/5a099db04b83c828b23e283d7bead0eed7e6c2e415a2632d5546bf776a54ac8b.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral14
Sample
void/5a099db04b83c828b23e283d7bead0eed7e6c2e415a2632d5546bf776a54ac8b.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
void/72cb96390164439710b0ab64f8b0e211d49875a0f4ea402da22a0269794891de.elf
Resource
ubuntu2204-amd64-20250307-en
ubuntu-22.04-amd64
Behavioral task
behavioral16
Sample
void/7305516a3c2ef76a10be8dc65d0de1d446ad157abd51e84a2e0f3979fc6c4490.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral17
Sample
void/7305516a3c2ef76a10be8dc65d0de1d446ad157abd51e84a2e0f3979fc6c4490.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral18
Sample
การชำระเงินครั้งสุดท้าย.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral19
Sample
การชำระเงินครั้งสุดท้าย.exe
Resource
win10v2004-20250313-en
windows10-2004-x64
Behavioral task
behavioral20
Sample
void/7ac644fc3b59f9ae6995a9cc57c39aee97ac89b3d25652c29c9a3269a02db2d2.exe
Resource
win7-20250207-en
windows7-x64
Behavioral task
behavioral21
Sample
void/7ac644fc3b59f9ae6995a9cc57c39aee97ac89b3d25652c29c9a3269a02db2d2.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral22
Sample
void/7b380357933497fe52439da94472b6cc7564fe5c852def28d4843c1a15792bcc.dmg
Resource
macos-20241106-en
macos-10.15-amd64
Behavioral task
behavioral23
Sample
Brew/Brew
Resource
macos-20241101-en
macos-10.15-amd64
Behavioral task
behavioral24
Sample
void/7dec88c2ec34b8483abc44e98ec843877cc5ae88e094c90d46bbabfafdf3749a.html
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral25
Sample
void/7dec88c2ec34b8483abc44e98ec843877cc5ae88e094c90d46bbabfafdf3749a.html
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral26
Sample
void/80e6e20e66c60f7392af8f501b07f8a10893f8c426acd6bdb42ea50738e6fae3.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral27
Sample
void/80e6e20e66c60f7392af8f501b07f8a10893f8c426acd6bdb42ea50738e6fae3.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral28
Sample
void/82231216bb55678a4bc192c1f0f180121ffc0a6278dcd1d6d9db8bea784ccf6b.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral29
Sample
void/82231216bb55678a4bc192c1f0f180121ffc0a6278dcd1d6d9db8bea784ccf6b.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral30
Sample
void/8732ecc7dd6bb49a644d7ca3edadd316657b2508a013da09db0f5b3c5c036c71.exe
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral31
Sample
void/8732ecc7dd6bb49a644d7ca3edadd316657b2508a013da09db0f5b3c5c036c71.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
Behavioral task
behavioral32
Sample
void/8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf
Resource
debian12-mipsel-20240729-en
debian-12-mipsel
General
-
Target
void/8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf
-
Size
152KB
-
MD5
9dcd963800c5abd92f3068685406d188
-
SHA1
e37b241b0f106d5f10cf5079f21b8bf707f88b5a
-
SHA256
8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897
-
SHA512
01fdd1c7c4eb65b8a4171c3b91e61eb5d27a260a7bc2459711dfe16ba3b29e3760dfd42ec00af32e0ab25309ac0c1cd5364f9515b200cf2a4910a7821d036f5f
-
SSDEEP
1536:5KrP2E3+ME0vMON4p5sjm2JOCabDrFti35bmXJ4Sl2jp9sElAWShr8h:58+E3XtvMqPl10ogIVR28
Malware Config
Signatures
-
Unexpected DNS network traffic destination 24 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description ioc Destination IP 9.9.9.9 Destination IP 180.76.76.76 Destination IP 185.85.15.34 Destination IP 180.76.76.76 Destination IP 208.67.220.220 Destination IP 9.9.9.9 Destination IP 4.2.2.1 Destination IP 185.85.15.34 Destination IP 4.2.2.1 Destination IP 4.2.2.1 Destination IP 208.67.220.220 Destination IP 208.67.222.222 Destination IP 208.67.220.220 Destination IP 208.67.222.222 Destination IP 208.67.220.220 Destination IP 9.9.9.9 Destination IP 4.2.2.1 Destination IP 208.67.222.222 Destination IP 180.76.76.76 Destination IP 185.85.15.34 Destination IP 208.67.222.222 Destination IP 185.85.15.34 Destination IP 9.9.9.9 Destination IP 180.76.76.76 -
Changes its process name 1 IoCs
description ioc pid Process Changes the process name, possibly in an attempt to hide itself init 776 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf -
description ioc Process File opened for reading /proc/7/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/9/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/10/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/11/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/6/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/1/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/2/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/4/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/8/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/self/maps 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/12/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/13/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/14/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/3/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf File opened for reading /proc/5/cmdline 8c55a86afc661db10bbe1a1d2ab249a5b30fc1fe4b6738ad3ed69546ea045897.elf