dd47d4418c7c3b1b971123d2364f988f29ca78b8a7687742e8937e9ffc3bc297 | Triage

Sharing

General

Target

gog_undertale_2.0.0.1.sh
Size

122.5MB
Sample

221228-3ep6hsfa4w
MD5

e740df4e15974ad8c21f45ebe8426fb0
SHA1

71b07640d9da478858ebf67c3c84c42260bb427d
SHA256

dd47d4418c7c3b1b971123d2364f988f29ca78b8a7687742e8937e9ffc3bc297
SHA512

a5c307d81f99fd8697f1ac8bd911e3a9847f5306d75d671136e43c44ddbc4a5a4fb6e520d37a058865381940b9889424fc265655741964388ac9787bd1f05400
SSDEEP

3145728:Yf4gqKOqQFRZX9/jPkGw1Kd6jAfI0+Y9Yb2iQY:YggqKOqQPZt/DkGw1KdAAfICib2iQY

Score

7^/10

linux

Malware Config

Targets

- Target
  
  gog_undertale_2.0.0.1.sh
- Size
  
  122.5MB
- MD5
  
  e740df4e15974ad8c21f45ebe8426fb0
- SHA1
  
  71b07640d9da478858ebf67c3c84c42260bb427d
- SHA256
  
  dd47d4418c7c3b1b971123d2364f988f29ca78b8a7687742e8937e9ffc3bc297
- SHA512
  
  a5c307d81f99fd8697f1ac8bd911e3a9847f5306d75d671136e43c44ddbc4a5a4fb6e520d37a058865381940b9889424fc265655741964388ac9787bd1f05400
- SSDEEP
  
  3145728:Yf4gqKOqQFRZX9/jPkGw1Kd6jAfI0+Y9Yb2iQY:YggqKOqQPZt/DkGw1KdAAfICib2iQY
Score

7^/10
- Write file to user bin folder
- Writes file to shm directory
  Malware can drop malicious files in the shm directory which will run directly from RAM.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1