Linux Analysis Report
CwJ4wKfQcgGNj

ID:	1560410
Product:	CloudBasic
Start time:	19:21:54
Start date:	21.11.2024
Sample:	CwJ4wKfQcgGNj
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 16.04 x64 (Kernel 4.4.0-116, Firefox 88.0, Document Viewer 3.18.2, LibreOffice 5.1.6.2, OpenJDK 1.8.0_171)
Architecture:	LINUX
MD5:	379dca5f10a3967381ba47e47a4a20ed
SHA1:	6e069ade70cdfed84d0acbffc71f45e9f44d0521
SHA256:	91f66ba1ad49d3062afdcc80e54da0807207d80a1b539edcdbd6e1bf99e7a2ca
Filetype:	ELF Executable and Linkable format (generic) (4004/1) 100.00%

Name	Type	MD5	SHA1	SHA256

Networking

Source: CwJ4wKfQcgGNj	String found in binary or memory: http:///cargo/registry/src/index.crates.io-6f17d22bba15001f/reqwest-0.11.27/src/proxy.rssocks5socks5
Source: CwJ4wKfQcgGNj	String found in binary or memory: https://docs.rs/getrandom#nodejs-es-module-supportCalling

System Summary

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: sus20.evad.lin@0/0@0/0

Hooking and other Techniques for Hiding and Protection

Source: /tmp/CwJ4wKfQcgGNj (PID: 4698)

File: /tmp/CwJ4wKfQcgGNj

Jump to behavior