Overview

overview

5

Static

static

/.bash/crond

ubuntu-18.04-amd64

1

/.bash/makesalt

ubuntu-18.04-amd64

/.bash/psybncchk

ubuntu-18.04-amd64

5

/.bash/psybncchk

debian-9-armhf

1

/.bash/psybncchk

debian-9-mips

5

/.bash/psybncchk

debian-9-mipsel

1

/.bash/src/match.o

ubuntu-18.04-amd64

/.bash/sr...fish.o

ubuntu-18.04-amd64

/.bash/sr...ient.o

ubuntu-18.04-amd64

/.bash/src/p_crypt.o

ubuntu-18.04-amd64

/.bash/src/p_dcc.o

ubuntu-18.04-amd64

/.bash/src/p_hash.o

ubuntu-18.04-amd64

/.bash/src/p_idea.o

ubuntu-18.04-amd64

/.bash/sr...func.o

ubuntu-18.04-amd64

/.bash/sr...tnet.o

ubuntu-18.04-amd64

/.bash/src/p_link.o

ubuntu-18.04-amd64

/.bash/src/p_log.o

ubuntu-18.04-amd64

/.bash/sr...mory.o

ubuntu-18.04-amd64

/.bash/sr...work.o

ubuntu-18.04-amd64

/.bash/src/p_parse.o

ubuntu-18.04-amd64

/.bash/src/p_peer.o

ubuntu-18.04-amd64

/.bash/sr...ript.o

ubuntu-18.04-amd64

/.bash/sr...rver.o

ubuntu-18.04-amd64

/.bash/sr...cket.o

ubuntu-18.04-amd64

/.bash/sr...ring.o

ubuntu-18.04-amd64

/.bash/sr...smsg.o

ubuntu-18.04-amd64

/.bash/sr...logy.o

ubuntu-18.04-amd64

/.bash/sr...late.o

ubuntu-18.04-amd64

/.bash/sr...nnel.o

ubuntu-18.04-amd64

/.bash/sr...file.o

ubuntu-18.04-amd64

/.bash/src/psybnc.o

ubuntu-18.04-amd64

/.bash/sr...intf.o

ubuntu-18.04-amd64

Analysis

  • max time kernel
    0s
  • max time network
    153s
  • platform
    linux_mips
  • resource
    debian9-mipsbe-en-20211208
  • resource tags

    arch:mipsimage:debian9-mipsbe-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    25-11-2022 17:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    /.bash/psybncchk

  • Size

    369B

  • MD5

    9357d73079aeb1d8ff31ca7418bf1c2f

  • SHA1

    02f9d22cbc30e89c53c4c8f6c070fa8d2b4785c1

  • SHA256

    42ac148c3b73b8d4d47f54fd03a65f97c2b3495b20a1640f88d45b97d86c2331

  • SHA512

    65b21aed9ff27e4f5b38b946d4a9d50fcbc3380a0eb4153e73fc58786c4b446e343ec9c370f1cb7cbc5ad68f1d062b36303935a713b46afeeec8a143232923ed

Score
5/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/ /.bash/psybncchk
    "/tmp/ /.bash/psybncchk"
    1⤵
    • Writes file to tmp directory
    PID:331
    • ./psybnc
      ./psybnc
      2⤵
        PID:332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads