7581867fa4cfd3edfd252fcd9df0ed0511453b04e832b48564137f175f36c93a

Analysis

max time kernel
145s
max time network
133s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20250410-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20250410-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
11/04/2025, 09:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

病毒样本/35bf9d160efafe2af0d99b054df9af71
Size

84KB
MD5

35bf9d160efafe2af0d99b054df9af71
SHA1

585b0f4e918118caa43f512fdfb44b5011dad7d7
SHA256

d1184a578ad3084c5780efbd40011a12fc08a1c7e0d5a4f4b942e39b7a81af94
SHA512

dcc50c5f393d316b2141735a80eb6dd5454a514d8a737b0450b07347bf4b468e78329507f7f0aa29971040d4b304f2c370fcf4b3d1e1668e0788336c4c6d6c6b
SSDEEP

1536:91VC1yc2pdU+OU+8BzoNZBJz7i7eEDUD5FEla40VBPjYm+7ZVcaPXpEXZW:91Jc2TU+fiNZ/7iCEg8aLbYmEZVca/pP

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc
File opened for reading	/proc/net/route

Changes its process name 1 IoCs

description	pid
Changes the process name, possibly in an attempt to hide itself	1415

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc
File opened for reading	/proc/net/route

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v16

Replay Monitor

Loading Replay Monitor...

Downloads