Analysis
-
max time kernel
0s -
max time network
156s -
platform
linux_armhf -
resource
debian9-armhf-en-20211208 -
resource tags
-
submitted
24-03-2023 00:10
General
-
Target
AMON-Eye/C2-Profiles/concealer/C2concealer/generate-cert.sh
-
Size
3KB
-
MD5
1a71fdcc4eaf4242c75e4b29d1ab33be
-
SHA1
d1876d0174bcb3b83e7b23e78ac3eea1c4a4fa0d
-
SHA256
8673414c782db143a1471073e49829783c4cde49cb24b65cfb245d16f02003d0
-
SHA512
ddaf9fa70ce71a2d7471a04e9f63fc7e9f9dc07d561cbab17890c73b2e68ba735fe463d5d54cbfd4958add25a0cb1473f5a8a796561ff45017ee5541c845ace4
Score
7/10
Malware Config
Signatures
-
Write file to user bin folder 1 TTPs 1 IoCs
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/AMON-Eye/C2-Profiles/concealer/C2concealer/generate-cert.sh/tmp/AMON-Eye/C2-Profiles/concealer/C2concealer/generate-cert.sh1⤵
- Writes file to tmp directory
-
/usr/bin/whoamiwhoami2⤵
-
/usr/bin/clearclear2⤵
-
/usr/bin/idid -u2⤵
- Reads runtime system information
-
/usr/bin/whichwhich keytool2⤵
- Write file to user bin folder