Sample Name: | VVrYWZ9mzZ |
Analysis ID: | 452446 |
MD5: | 28ae443f54fdb93adc756778ad76ef90 |
SHA1: | 61c196c94b176f71a5748e5910c9db9c03927e9e |
SHA256: | e00e03516a774d45197cbeac2e89b5d9a4df7849b6fd19e360ee72619ab6311d |
Tags: | 32 arm elf mirai |
Infos: |
Score: | 52 |
Range: | 0 - 100 |
Whitelisted: | false |
AV Detection: |
---|
Multi AV Scanner detection for submitted file |
Source: |
Virustotal: |
Source: |
ReversingLabs: |
Source: |
TCP traffic detected without corresponding DNS query: |
Source: |
String found in binary or memory: |
System Summary: |
---|
Sample contains only a LOAD segment without any section mappings |
Source: |
Program segment: |
Source: |
Classification label: |
Data Obfuscation: |
---|
Sample is packed with UPX |
Source: |
String containing UPX found: |
Malware Analysis System Evasion: |
---|
Uses the "uname" system call to query kernel version information (possible evasion) |
Source: |
Queries kernel information via 'uname': |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
97.102.228.248 | unknown | United States | 33363 | BHN-33363US | false |
112.46.77.51 | unknown | China | 140105 | CMNET-SNIDC-CN-APShaanxiMobileCommunicationCompanyLimit | false |
223.100.19.169 | unknown | China | 56044 | CMNET-AS-LIAONINGChinaMobilecommunicationscorporationC | false |
222.121.38.185 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false |
117.175.152.205 | unknown | China | 9808 | CMNET-GDGuangdongMobileCommunicationCoLtdCN | false |