Analysis
-
max time kernel
21200s -
max time network
133s -
platform
linux_mipsel -
resource
debian9-mipsel-en-20211208 -
resource tags
-
submitted
11-08-2022 02:05
General
-
Target
Opensea Mint/install_modules.sh
-
Size
3KB
-
MD5
05a28430f97b6db328b9f748005718cc
-
SHA1
da28f7c62b43f2cb97e5b6a2e71eb8199bdbae5c
-
SHA256
d05559d26e8db46d562314ecc55bb8f0f17518f313cf0f2e0cff690f4240aacf
-
SHA512
d2f64b14e83b668c03af5c4f9495a7b268a7756220b74df82e54fba0edea3f374e353dd69b9c293cd51fbd6c5ecaea86072ce2895f91a09451bf0cbd2019cbdf
Score
8/10
Malware Config
Signatures
-
Modifies hosts file 1 IoCs
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.
-
Write file to user bin folder 1 TTPs 1 IoCs
-
Writes file to tmp directory 3 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/Opensea Mint/install_modules.sh"/tmp/Opensea Mint/install_modules.sh"1⤵
- Writes file to tmp directory
-
/usr/bin/cpancpan install Authen::Passphrase::LANManager Authen::Passphrase::MySQL323 Authen::Passphrase::NTHash Authen::Passphrase::PHPass Bitcoin::Crypto Bitcoin::Crypto::Base58 Compress::Zlib Convert::EBCDIC Crypt::AuthEnc::GCM Crypt::CBC Crypt::DES Crypt::DES_EDE3 Crypt::Digest::RIPEMD160 Crypt::Digest::Whirlpool Crypt::ECB Crypt::Eksblowfish::Bcrypt Crypt::GCrypt Crypt::Mode::CBC Crypt::Mode::ECB Crypt::MySQL Crypt::OpenSSH::ChachaPoly Crypt::OpenSSL::EC Crypt::OpenSSL::Bignum::CTX Crypt::PBKDF2 Crypt::RC4 Crypt::Rijndael Crypt::ScryptKDF Crypt::Skip32 Crypt::Twofish Crypt::UnixCrypt_XS Data::Types Digest::BLAKE2 Digest::CMAC Digest::CRC Digest::GOST Digest::HMAC Digest::HMAC_MD5 Digest::Keccak Digest::MD4 Digest::MD5 Digest::MurmurHash3 Digest::Perl::MD5 Digest::SHA Digest::SHA1 Digest::SHA3 Digest::SipHash Encode JSON Math::BigInt MIME::Base64 Net::DNS::RR::NSEC3 Net::DNS::SEC POSIX Text::Iconv2⤵
- Modifies hosts file
- Writes DNS configuration
- Write file to user bin folder
- Writes file to tmp directory
-
/bin/pwd/bin/pwd3⤵