Technical Information
Malicious functions:
Launches processes:
- <SAMPLE_FULL_PATH>
- /sbin/ldconfig -p
- /sbin/ldconfig.real -p
Performs operations with the file system:
Modifies file access rights:
- /tmp/_MEILKI97Z/_bisect.so
- /tmp/_MEILKI97Z/_codecs_cn.so
- /tmp/_MEILKI97Z/_codecs_hk.so
- /tmp/_MEILKI97Z/_codecs_iso2022.so
- /tmp/_MEILKI97Z/_codecs_jp.so
- /tmp/_MEILKI97Z/_codecs_kr.so
- /tmp/_MEILKI97Z/_codecs_tw.so
- /tmp/_MEILKI97Z/_collections.so
- /tmp/_MEILKI97Z/_ctypes.so
- /tmp/_MEILKI97Z/_functools.so
- /tmp/_MEILKI97Z/_hashlib.so
- /tmp/_MEILKI97Z/_heapq.so
- /tmp/_MEILKI97Z/_io.so
- /tmp/_MEILKI97Z/_json.so
- /tmp/_MEILKI97Z/_locale.so
- /tmp/_MEILKI97Z/_multibytecodec.so
- /tmp/_MEILKI97Z/_random.so
- /tmp/_MEILKI97Z/_socket.so
- /tmp/_MEILKI97Z/_sqlite3.so
- /tmp/_MEILKI97Z/_ssl.so
- /tmp/_MEILKI97Z/_struct.so
- /tmp/_MEILKI97Z/array.so
- /tmp/_MEILKI97Z/binascii.so
- /tmp/_MEILKI97Z/bz2.so
- /tmp/_MEILKI97Z/cPickle.so
- /tmp/_MEILKI97Z/cStringIO.so
- /tmp/_MEILKI97Z/datetime.so
- /tmp/_MEILKI97Z/fcntl.so
- /tmp/_MEILKI97Z/future_builtins.so
- /tmp/_MEILKI97Z/grp.so
- /tmp/_MEILKI97Z/itertools.so
- /tmp/_MEILKI97Z/libcrypto.so.1.0.0
- /tmp/_MEILKI97Z/libncursesw.so.5
- /tmp/_MEILKI97Z/libpython2.7.so.1.0
- /tmp/_MEILKI97Z/libreadline.so.6
- /tmp/_MEILKI97Z/libsqlite3.so.0
- /tmp/_MEILKI97Z/libssl.so.1.0.0
- /tmp/_MEILKI97Z/libtinfo.so.5
- /tmp/_MEILKI97Z/libz.so.1
- /tmp/_MEILKI97Z/math.so
- /tmp/_MEILKI97Z/operator.so
- /tmp/_MEILKI97Z/playhouse._speedups.so
- /tmp/_MEILKI97Z/pyexpat.so
- /tmp/_MEILKI97Z/readline.so
- /tmp/_MEILKI97Z/resource.so
- /tmp/_MEILKI97Z/select.so
- /tmp/_MEILKI97Z/simplejson._speedups.so
- /tmp/_MEILKI97Z/strop.so
- /tmp/_MEILKI97Z/termios.so
- /tmp/_MEILKI97Z/time.so
- /tmp/_MEILKI97Z/unicodedata.so
- /tmp/_MEILKI97Z/zlib.so
- /tmp/_MEILKI97Z/include/python2.7/pyconfig.h
- /tmp/_MEILKI97Z/lib/python2.7/config/Makefile
Creates folders:
- /tmp/_MEILKI97Z
- /tmp/_MEILKI97Z/include
- /tmp/_MEILKI97Z/include/python2.7
- /tmp/_MEILKI97Z/lib
- /tmp/_MEILKI97Z/lib/python2.7
- /tmp/_MEILKI97Z/lib/python2.7/config
Deletes folders:
- /tmp/_MEILKI97Z/include/python2.7"
- /tmp/_MEILKI97Z/include"
- /tmp/_MEILKI97Z/lib/python2.7/config"
- /tmp/_MEILKI97Z/lib/python2.7"
- /tmp/_MEILKI97Z/lib"
- /tmp/_MEILKI97Z"
Creates or modifies files:
- /tmp/_MEILKI97Z/_bisect.so
- /tmp/_MEILKI97Z/_codecs_cn.so
- /tmp/_MEILKI97Z/_codecs_hk.so
- /tmp/_MEILKI97Z/_codecs_iso2022.so
- /tmp/_MEILKI97Z/_codecs_jp.so
- /tmp/_MEILKI97Z/_codecs_kr.so
- /tmp/_MEILKI97Z/_codecs_tw.so
- /tmp/_MEILKI97Z/_collections.so
- /tmp/_MEILKI97Z/_ctypes.so
- /tmp/_MEILKI97Z/_functools.so
- /tmp/_MEILKI97Z/_hashlib.so
- /tmp/_MEILKI97Z/_heapq.so
- /tmp/_MEILKI97Z/_io.so
- /tmp/_MEILKI97Z/_json.so
- /tmp/_MEILKI97Z/_locale.so
- /tmp/_MEILKI97Z/_multibytecodec.so
- /tmp/_MEILKI97Z/_random.so
- /tmp/_MEILKI97Z/_socket.so
- /tmp/_MEILKI97Z/_sqlite3.so
- /tmp/_MEILKI97Z/_ssl.so
- /tmp/_MEILKI97Z/_struct.so
- /tmp/_MEILKI97Z/array.so
- /tmp/_MEILKI97Z/binascii.so
- /tmp/_MEILKI97Z/bz2.so
- /tmp/_MEILKI97Z/cPickle.so
- /tmp/_MEILKI97Z/cStringIO.so
- /tmp/_MEILKI97Z/datetime.so
- /tmp/_MEILKI97Z/fcntl.so
- /tmp/_MEILKI97Z/future_builtins.so
- /tmp/_MEILKI97Z/grp.so
- /tmp/_MEILKI97Z/itertools.so
- /tmp/_MEILKI97Z/libcrypto.so.1.0.0
- /tmp/_MEILKI97Z/libncursesw.so.5
- /tmp/_MEILKI97Z/libpython2.7.so.1.0
- /tmp/_MEILKI97Z/libreadline.so.6
- /tmp/_MEILKI97Z/libsqlite3.so.0
- /tmp/_MEILKI97Z/libssl.so.1.0.0
- /tmp/_MEILKI97Z/libtinfo.so.5
- /tmp/_MEILKI97Z/libz.so.1
- /tmp/_MEILKI97Z/math.so
- /tmp/_MEILKI97Z/operator.so
- /tmp/_MEILKI97Z/playhouse._speedups.so
- /tmp/_MEILKI97Z/pyexpat.so
- /tmp/_MEILKI97Z/readline.so
- /tmp/_MEILKI97Z/resource.so
- /tmp/_MEILKI97Z/select.so
- /tmp/_MEILKI97Z/simplejson._speedups.so
- /tmp/_MEILKI97Z/strop.so
- /tmp/_MEILKI97Z/termios.so
- /tmp/_MEILKI97Z/time.so
- /tmp/_MEILKI97Z/unicodedata.so
- /tmp/_MEILKI97Z/zlib.so
- /tmp/_MEILKI97Z/include/python2.7/pyconfig.h
- /tmp/_MEILKI97Z/lib/python2.7/config/Makefile
- /root/sentinel
Deletes files:
- /tmp/_MEILKI97Z/_struct.so"
- /tmp/_MEILKI97Z/_codecs_cn.so"
- /tmp/_MEILKI97Z/pyexpat.so"
- /tmp/_MEILKI97Z/libpython2.7.so.1.0"
- /tmp/_MEILKI97Z/array.so"
- /tmp/_MEILKI97Z/binascii.so"
- /tmp/_MEILKI97Z/_codecs_tw.so"
- /tmp/_MEILKI97Z/libssl.so.1.0.0"
- /tmp/_MEILKI97Z/datetime.so"
- /tmp/_MEILKI97Z/operator.so"
- /tmp/_MEILKI97Z/simplejson._speedups.so"
- /tmp/_MEILKI97Z/grp.so"
- /tmp/_MEILKI97Z/_json.so"
- /tmp/_MEILKI97Z/select.so"
- /tmp/_MEILKI97Z/_functools.so"
- /tmp/_MEILKI97Z/_bisect.so"
- /tmp/_MEILKI97Z/cPickle.so"
- /tmp/_MEILKI97Z/playhouse._speedups.so"
- /tmp/_MEILKI97Z/_codecs_kr.so"
- /tmp/_MEILKI97Z/zlib.so"
- /tmp/_MEILKI97Z/bz2.so"
- /tmp/_MEILKI97Z/fcntl.so"
- /tmp/_MEILKI97Z/_ssl.so"
- /tmp/_MEILKI97Z/libtinfo.so.5"
- /tmp/_MEILKI97Z/itertools.so"
- /tmp/_MEILKI97Z/_socket.so"
- /tmp/_MEILKI97Z/resource.so"
- /tmp/_MEILKI97Z/libcrypto.so.1.0.0"
- /tmp/_MEILKI97Z/_codecs_jp.so"
- /tmp/_MEILKI97Z/_codecs_hk.so"
- /tmp/_MEILKI97Z/_multibytecodec.so"
- /tmp/_MEILKI97Z/_sqlite3.so"
- /tmp/_MEILKI97Z/_io.so"
- /tmp/_MEILKI97Z/cStringIO.so"
- /tmp/_MEILKI97Z/readline.so"
- /tmp/_MEILKI97Z/_random.so"
- /tmp/_MEILKI97Z/_ctypes.so"
- /tmp/_MEILKI97Z/termios.so"
- /tmp/_MEILKI97Z/future_builtins.so"
- /tmp/_MEILKI97Z/_collections.so"
- /tmp/_MEILKI97Z/unicodedata.so"
- /tmp/_MEILKI97Z/_codecs_iso2022.so"
- /tmp/_MEILKI97Z/_hashlib.so"
- /tmp/_MEILKI97Z/strop.so"
- /tmp/_MEILKI97Z/math.so"
- /tmp/_MEILKI97Z/libncursesw.so.5"
- /tmp/_MEILKI97Z/time.so"
- /tmp/_MEILKI97Z/include/python2.7/pyconfig.h"
- /tmp/_MEILKI97Z/_heapq.so"
- /tmp/_MEILKI97Z/_locale.so"
- /tmp/_MEILKI97Z/lib/python2.7/config/Makefile"
- /tmp/_MEILKI97Z/libz.so.1"
- /tmp/_MEILKI97Z/libsqlite3.so.0"
- /tmp/_MEILKI97Z/libreadline.so.6"
Other:
Collects RAM information
