Analysis

  • max time kernel
    0s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211025
  • submitted
    01-11-2021 20:30

Errors

Reason
platform exec: exit status 1: 2021/10/25 15:52:57 insmod stahp.ko pid=347 receiver=10.127.0.1:40505 2021/10/25 15:53:00 Failed to copy payload to wsusoffline/sh/fix-file-permissions.bash -> open wsusoffline/sh/fix-file-permissions.bash: no such file or directory 2021/10/25 15:53:07 Payload error: fork/exec /tmp/036716428/payload.dat: no such file or directory

General

  • Target

    wsusoffline/sh/fix-file-permissions.bash

  • Size

    2KB

  • MD5

    b746b5f4c2059408199a07ba1cead9c6

  • SHA1

    ccab7dc6dd748bec8b32cfbdabea30a41d2b6965

  • SHA256

    97ec0f5ec66f7351471bbd414b185368bd0248a30703929f7ed9590f54a319c7

  • SHA512

    2ea88bbd1abb0b4d583ee85a017b3453d49f7498788a0b4138b69071b3bdb45ffe2d272db4629805cec512c586129a604f28d62d014dc9b4923bd8cb66d69c40

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/036716428/payload.dat
    /tmp/036716428/payload.dat
    1⤵
      PID:355

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads