9e2e1fc764629f265a64e874d63ed4b3ea6e44e4a205b09b116ab1baad850d34

Analysis

max time kernel
30s
max time network
125s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
31/05/2023, 19:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

setup-lin.sh
Size

661B
MD5

d6e05568eb09e1a3c5a1bf7927f29356
SHA1

96c8beddd7326f09e606babd610d1931c44a38df
SHA256

9e2e1fc764629f265a64e874d63ed4b3ea6e44e4a205b09b116ab1baad850d34
SHA512

3924427ea4d1b143f9b0ea3b981fc3cfb1d67f87da6ee190bb243490681a66fabd29b7c5ea3b05b595baf22dd0a78ed261bb0f5f94793a5ea9c6e5390eeb7ea0

Score

3^/10

Malware Config

Signatures

Reads runtime system information 59 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/sys/kernel/ngroups_max	sudo
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/self/fd	Process not Found
File opened for reading	/proc/self/stat	sudo
File opened for reading	/proc/filesystems	find
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/self/stat	sudo
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	sudo
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/sys/kernel/ngroups_max	sudo
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	find
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/sys/kernel/ngroups_max	apt-get
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	find
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/filesystems	sudo
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	find
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/filesystems	dpkg
File opened for reading	/proc/filesystems	sed

Writes file to tmp directory 52 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/apt-key-gpghome.MmotYeneuN/gpg.1.sh	apt-key
File opened for modification	/tmp/fileutl.message.IU1n2A	apt-get
File opened for modification	/tmp/apt.sig.jGBytF	Process not Found
File opened for modification	/tmp/apt-key-gpghome.IQfZqKskSt/pubring.orig.gpg	cp
File opened for modification	/tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg	apt-key
File opened for modification	/tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg	touch
File opened for modification	/tmp/fileutl.message.gnGav6	apt-get
File opened for modification	/tmp/fileutl.message.Ow2FGa	apt-get
File opened for modification	/tmp/fileutl.message.aYpJo8	apt-get
File opened for modification	/tmp/fileutl.message.ekcp5i	apt-get
File opened for modification	/tmp/fileutl.message.Kf3JVG	apt-get
File opened for modification	/tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg	touch
File opened for modification	/tmp/apt.data.Z8reFp	Process not Found
File opened for modification	/tmp/apt.data.aIb42S	Process not Found
File opened for modification	/tmp/fileutl.message.SpXD3M	apt-get
File opened for modification	/tmp/fileutl.message.SdcXIX	apt-get
File opened for modification	/tmp/apt-key-gpghome.MmotYeneuN/pubring.orig.gpg	cp
File opened for modification	/tmp/fileutl.message.k4SxIg	apt-get
File opened for modification	/tmp/apt.data.6islem	Process not Found
File opened for modification	/tmp/apt.data.iTefCI	Process not Found
File opened for modification	/tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg	apt-key
File opened for modification	/tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.orig.gpg	cp
File opened for modification	/tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg	touch
File opened for modification	/tmp/fileutl.message.Kp2gJ0	apt-get
File opened for modification	/tmp/fileutl.message.WMr2uE	apt-get
File opened for modification	/tmp/fileutl.message.KsjYdP	apt-get
File opened for modification	/tmp/apt.sig.sklrA7	Process not Found
File opened for modification	/tmp/apt-key-gpghome.udx6jeCSBi/pubring.orig.gpg	cp
File opened for modification	/tmp/apt-key-gpghome.udx6jeCSBi/gpg.1.sh	apt-key
File opened for modification	/tmp/apt.sig.J2UHex	Process not Found
File opened for modification	/tmp/apt.conf.pl5iw0	Process not Found
File opened for modification	/tmp/apt.sig.9txL5c	Process not Found
File opened for modification	/tmp/apt.conf.cIA3Tr	Process not Found
File opened for modification	/tmp/fileutl.message.oPvmkv	apt-get
File opened for modification	/tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg	apt-key
File opened for modification	/tmp/fileutl.message.0WhdpC	apt-get
File opened for modification	/tmp/fileutl.message.kl8Xaw	apt-get
File opened for modification	/tmp/fileutl.message.8Sih0h	apt-get
File opened for modification	/tmp/apt.conf.YjLxRl	Process not Found
File opened for modification	/tmp/apt-key-gpghome.IQfZqKskSt/gpg.1.sh	apt-key
File opened for modification	/tmp/fileutl.message.upD561	apt-get
File opened for modification	/tmp/apt.conf.YkJxWS	Process not Found
File opened for modification	/tmp/fileutl.message.egYF1K	apt-get
File opened for modification	/tmp/fileutl.message.kOSoMt	apt-get
File opened for modification	/tmp/fileutl.message.i7XDql	apt-get
File opened for modification	/tmp/fileutl.message.kjybXZ	apt-get
File opened for modification	/tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg	touch
File opened for modification	/tmp/fileutl.message.UTmzzO	apt-get
File opened for modification	/tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg	apt-key
File opened for modification	/tmp/apt-key-gpghome.E3Yi6Dy1kV/gpg.1.sh	apt-key
File opened for modification	/tmp/fileutl.message.Y3sr7g	apt-get
File opened for modification	/tmp/fileutl.message.MjF7Kr	apt-get

/tmp/setup-lin.sh
/tmp/setup-lin.sh
1⤵
PID:575

/usr/local/sbin/bash
bash /tmp/setup-lin.sh
1⤵
PID:575

/usr/local/bin/bash
bash /tmp/setup-lin.sh
1⤵
PID:575

/usr/sbin/bash
bash /tmp/setup-lin.sh
1⤵
PID:575

/usr/bin/bash
bash /tmp/setup-lin.sh
1⤵
PID:575

/sbin/bash
bash /tmp/setup-lin.sh
1⤵
PID:575

/bin/bash
bash /tmp/setup-lin.sh
1⤵
PID:575
- /bin/rm
  rm /var/lib/dpkg/lock
  2⤵
  PID:576
- /bin/rm
  rm /var/cache/apt/archives/lock
  2⤵
  PID:577
- /bin/rm
  rm /var/lib/apt/lists/lock
  2⤵
  PID:578
- /usr/bin/sudo
  sudo dpkg --add-architecture i386
  2⤵
  - Reads runtime system information
  PID:579
- - /usr/bin/dpkg
    dpkg --add-architecture i386
    3⤵
    - Reads runtime system information
    PID:580
- /usr/bin/sudo
  sudo apt-get update
  2⤵
  - Reads runtime system information
  PID:581
- - /usr/bin/apt-get
    apt-get update
    3⤵
    - Reads runtime system information
    - Writes file to tmp directory
    PID:582
  - - /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      4⤵
      Reads runtime system information
      PID:583
  - - /usr/lib/apt/methods/http
      /usr/lib/apt/methods/http
      4⤵
      PID:588
  - - /usr/lib/apt/methods/http
      /usr/lib/apt/methods/http
      4⤵
      PID:589
  - - /usr/lib/apt/methods/http
      /usr/lib/apt/methods/http
      4⤵
      PID:590
  - - /usr/lib/apt/methods/gpgv
      /usr/lib/apt/methods/gpgv
      4⤵
      PID:591
  - - /usr/lib/apt/methods/gpgv
      /usr/lib/apt/methods/gpgv
      4⤵
      PID:592
  - - /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      4⤵
      Reads runtime system information
      PID:817

/usr/bin/apt-key
/usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.J2UHex /tmp/apt.data.iTefCI
1⤵
- Writes file to tmp directory
PID:594
- /usr/bin/apt-config
  apt-config shell MASTER_KEYRING APT::Key::MasterKeyring
  2⤵
  PID:596
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:597
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING APT::Key::ArchiveKeyring
  2⤵
  PID:598
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:599
- /usr/bin/apt-config
  apt-config shell REMOVED_KEYS APT::Key::RemovedKeys
  2⤵
  PID:600
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:601
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI
  2⤵
  PID:602
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:603
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring
  2⤵
  PID:604
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:605
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f
  2⤵
  PID:606
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:607
- /usr/bin/apt-config
  apt-config shell GPGV Apt::Key::gpgvcommand
  2⤵
  PID:609
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:610
- /bin/mktemp
  mktemp --directory --tmpdir apt-key-gpghome.XXXXXXXXXX
  2⤵
  PID:611
- /bin/chmod
  chmod 700 /tmp/apt-key-gpghome.IQfZqKskSt
  2⤵
  PID:612
- /bin/readlink
  readlink -f /tmp/apt-key-gpghome.IQfZqKskSt
  2⤵
  PID:613
- /bin/rm
  rm -f /tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg
  2⤵
  PID:614
- /usr/bin/touch
  touch /tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg
  2⤵
  - Writes file to tmp directory
  PID:615
- /usr/bin/apt-config
  apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d
  2⤵
  PID:616
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:617
- /bin/readlink
  readlink -f /etc/apt/trusted.gpg.d/
  2⤵
  PID:618
- /usr/bin/find
  find /etc/apt/trusted.gpg.d -mindepth 1 -maxdepth 1 "(" -name "*.gpg" -o -name "*.asc" ")"
  2⤵
  - Reads runtime system information
  PID:619
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:624
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:626
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:628
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:630
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:632
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:634
- /bin/cp
  cp -a /tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg /tmp/apt-key-gpghome.IQfZqKskSt/pubring.orig.gpg
  2⤵
  - Reads runtime system information
  - Writes file to tmp directory
  PID:635
- /usr/bin/gpgv
  gpgv --homedir /tmp/apt-key-gpghome.IQfZqKskSt --keyring /tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg --ignore-time-conflict --status-fd 3 /tmp/apt.sig.J2UHex /tmp/apt.data.iTefCI
  2⤵
  PID:642
- /usr/bin/gpgconf
  gpgconf --kill all
  2⤵
  PID:643
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart KILLAGENT
    3⤵
    PID:644
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent -s --no-autostart "GETINFO scd_running" "/if \${! \$?}" "scd killscd" /end
    3⤵
    PID:645
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR
    3⤵
    PID:646
- /bin/rm
  rm -rf /tmp/apt-key-gpghome.IQfZqKskSt
  2⤵
  PID:647

/usr/bin/sort
sort
1⤵
PID:622

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:638

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:641

/usr/bin/apt-key
/usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.9txL5c /tmp/apt.data.Z8reFp
1⤵
- Writes file to tmp directory
PID:649
- /usr/bin/apt-config
  apt-config shell MASTER_KEYRING APT::Key::MasterKeyring
  2⤵
  PID:651
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:652
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING APT::Key::ArchiveKeyring
  2⤵
  PID:653
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:654
- /usr/bin/apt-config
  apt-config shell REMOVED_KEYS APT::Key::RemovedKeys
  2⤵
  PID:655
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:656
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI
  2⤵
  PID:657
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:658
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring
  2⤵
  PID:659
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:660
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f
  2⤵
  PID:661
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:662
- /usr/bin/apt-config
  apt-config shell GPGV Apt::Key::gpgvcommand
  2⤵
  PID:664
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:665
- /bin/mktemp
  mktemp --directory --tmpdir apt-key-gpghome.XXXXXXXXXX
  2⤵
  PID:666
- /bin/chmod
  chmod 700 /tmp/apt-key-gpghome.udx6jeCSBi
  2⤵
  PID:667
- /bin/readlink
  readlink -f /tmp/apt-key-gpghome.udx6jeCSBi
  2⤵
  PID:668
- /bin/rm
  rm -f /tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg
  2⤵
  PID:669
- /usr/bin/touch
  touch /tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg
  2⤵
  - Writes file to tmp directory
  PID:670
- /usr/bin/apt-config
  apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d
  2⤵
  PID:671
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:672
- /bin/readlink
  readlink -f /etc/apt/trusted.gpg.d/
  2⤵
  PID:673
- /usr/bin/find
  find /etc/apt/trusted.gpg.d -mindepth 1 -maxdepth 1 "(" -name "*.gpg" -o -name "*.asc" ")"
  2⤵
  - Reads runtime system information
  PID:674
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:679
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:681
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:683
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:685
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:687
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:689
- /bin/cp
  cp -a /tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg /tmp/apt-key-gpghome.udx6jeCSBi/pubring.orig.gpg
  2⤵
  - Reads runtime system information
  - Writes file to tmp directory
  PID:690
- /usr/bin/gpgv
  gpgv --homedir /tmp/apt-key-gpghome.udx6jeCSBi --keyring /tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg --ignore-time-conflict --status-fd 3 /tmp/apt.sig.9txL5c /tmp/apt.data.Z8reFp
  2⤵
  PID:697
- /usr/bin/gpgconf
  gpgconf --kill all
  2⤵
  PID:698
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart KILLAGENT
    3⤵
    PID:699
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent -s --no-autostart "GETINFO scd_running" "/if \${! \$?}" "scd killscd" /end
    3⤵
    PID:700
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR
    3⤵
    PID:701
- /bin/rm
  rm -rf /tmp/apt-key-gpghome.udx6jeCSBi
  2⤵
  PID:702

/usr/bin/sort
sort
1⤵
PID:677

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:693

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:696

/usr/bin/apt-key
/usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.jGBytF /tmp/apt.data.aIb42S
1⤵
- Writes file to tmp directory
PID:704
- /usr/bin/apt-config
  apt-config shell MASTER_KEYRING APT::Key::MasterKeyring
  2⤵
  PID:706
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:707
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING APT::Key::ArchiveKeyring
  2⤵
  PID:708
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:709
- /usr/bin/apt-config
  apt-config shell REMOVED_KEYS APT::Key::RemovedKeys
  2⤵
  PID:710
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:711
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI
  2⤵
  PID:712
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:713
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring
  2⤵
  PID:714
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:715
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f
  2⤵
  PID:716
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:717
- /usr/bin/apt-config
  apt-config shell GPGV Apt::Key::gpgvcommand
  2⤵
  PID:719
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:720
- /bin/mktemp
  mktemp --directory --tmpdir apt-key-gpghome.XXXXXXXXXX
  2⤵
  PID:721
- /bin/chmod
  chmod 700 /tmp/apt-key-gpghome.E3Yi6Dy1kV
  2⤵
  PID:722
- /bin/readlink
  readlink -f /tmp/apt-key-gpghome.E3Yi6Dy1kV
  2⤵
  PID:723
- /bin/rm
  rm -f /tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg
  2⤵
  PID:724
- /usr/bin/touch
  touch /tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg
  2⤵
  - Writes file to tmp directory
  PID:725
- /usr/bin/apt-config
  apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d
  2⤵
  PID:726
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:727
- /bin/readlink
  readlink -f /etc/apt/trusted.gpg.d/
  2⤵
  PID:728
- /usr/bin/find
  find /etc/apt/trusted.gpg.d -mindepth 1 -maxdepth 1 "(" -name "*.gpg" -o -name "*.asc" ")"
  2⤵
  - Reads runtime system information
  PID:729
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:734
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:736
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:738
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:740
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:742
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:744
- /bin/cp
  cp -a /tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg /tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.orig.gpg
  2⤵
  - Reads runtime system information
  - Writes file to tmp directory
  PID:745
- /usr/bin/gpgv
  gpgv --homedir /tmp/apt-key-gpghome.E3Yi6Dy1kV --keyring /tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg --ignore-time-conflict --status-fd 3 /tmp/apt.sig.jGBytF /tmp/apt.data.aIb42S
  2⤵
  PID:752
- /usr/bin/gpgconf
  gpgconf --kill all
  2⤵
  PID:753
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart KILLAGENT
    3⤵
    PID:754
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent -s --no-autostart "GETINFO scd_running" "/if \${! \$?}" "scd killscd" /end
    3⤵
    PID:755
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR
    3⤵
    PID:756
- /bin/rm
  rm -rf /tmp/apt-key-gpghome.E3Yi6Dy1kV
  2⤵
  PID:757

/usr/bin/sort
sort
1⤵
PID:732

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:748

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:751

/usr/bin/apt-key
/usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.sklrA7 /tmp/apt.data.6islem
1⤵
- Writes file to tmp directory
PID:759
- /usr/bin/apt-config
  apt-config shell MASTER_KEYRING APT::Key::MasterKeyring
  2⤵
  PID:761
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:762
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING APT::Key::ArchiveKeyring
  2⤵
  PID:763
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:764
- /usr/bin/apt-config
  apt-config shell REMOVED_KEYS APT::Key::RemovedKeys
  2⤵
  PID:765
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:766
- /usr/bin/apt-config
  apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI
  2⤵
  PID:767
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:768
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring
  2⤵
  PID:769
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:770
- /usr/bin/apt-config
  apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f
  2⤵
  PID:771
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:772
- /usr/bin/apt-config
  apt-config shell GPGV Apt::Key::gpgvcommand
  2⤵
  PID:774
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:775
- /bin/mktemp
  mktemp --directory --tmpdir apt-key-gpghome.XXXXXXXXXX
  2⤵
  PID:776
- /bin/chmod
  chmod 700 /tmp/apt-key-gpghome.MmotYeneuN
  2⤵
  PID:777
- /bin/readlink
  readlink -f /tmp/apt-key-gpghome.MmotYeneuN
  2⤵
  PID:778
- /bin/rm
  rm -f /tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg
  2⤵
  PID:779
- /usr/bin/touch
  touch /tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg
  2⤵
  - Writes file to tmp directory
  PID:780
- /usr/bin/apt-config
  apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d
  2⤵
  PID:781
- - /usr/bin/dpkg
    /usr/bin/dpkg --print-foreign-architectures
    3⤵
    - Reads runtime system information
    PID:782
- /bin/readlink
  readlink -f /etc/apt/trusted.gpg.d/
  2⤵
  PID:783
- /usr/bin/find
  find /etc/apt/trusted.gpg.d -mindepth 1 -maxdepth 1 "(" -name "*.gpg" -o -name "*.asc" ")"
  2⤵
  - Reads runtime system information
  PID:784
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:789
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  2⤵
  PID:791
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:793
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
  2⤵
  PID:795
- /usr/bin/cmp
  cmp --silent "--bytes=1" - /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:797
- /bin/cat
  cat /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  2⤵
  PID:799
- /bin/cp
  cp -a /tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg /tmp/apt-key-gpghome.MmotYeneuN/pubring.orig.gpg
  2⤵
  - Reads runtime system information
  - Writes file to tmp directory
  PID:800
- /usr/bin/gpgv
  gpgv --homedir /tmp/apt-key-gpghome.MmotYeneuN --keyring /tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg --ignore-time-conflict --status-fd 3 /tmp/apt.sig.sklrA7 /tmp/apt.data.6islem
  2⤵
  PID:807
- /usr/bin/gpgconf
  gpgconf --kill all
  2⤵
  PID:808
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart KILLAGENT
    3⤵
    PID:809
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent -s --no-autostart "GETINFO scd_running" "/if \${! \$?}" "scd killscd" /end
    3⤵
    PID:810
- - /usr/bin/gpg-connect-agent
    gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR
    3⤵
    PID:811
- /bin/rm
  rm -rf /tmp/apt-key-gpghome.MmotYeneuN
  2⤵
  PID:812

/usr/bin/sort
sort
1⤵
PID:787

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:803

/bin/sed
sed -e "s#'#'\"'\"'#g"
1⤵
- Reads runtime system information
PID:806

/bin/sh
sh -c "if /usr/bin/test -w /var/lib/command-not-found/ -a -e /usr/lib/cnf-update-db; then /usr/lib/cnf-update-db > /dev/null; fi"
1⤵
PID:814
- /usr/bin/test
  /usr/bin/test -w /var/lib/command-not-found/ -a -e /usr/lib/cnf-update-db
  2⤵
  PID:815
- /usr/lib/cnf-update-db
  /usr/lib/cnf-update-db
  2⤵
  PID:816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/apt-key-gpghome.E3Yi6Dy1kV/gpg.1.sh

Filesize
82B

MD5
e25acc8a05d00d6bf9bcd7f4ae98239c

SHA1
d182bf45ac9fa085538d544f16929b73c545a2ca

SHA256
d61aeff2f4987f0ac3f208b8b575611f9f115f37bd32b5ab868fc1a877ddbbf9

SHA512
9598336492072e4e89a19c89a0f0898fd0770c2ce32b154c644f1a9b676069a7758cbd18f031c7c82196c3da9308d71e84ac88b828a4be29bc1b73aa619e1e56

Download Submit
/tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg

Filesize
2KB

MD5
79650cd189f35a29603fc43202d399ad

SHA1
e3bdd5aec56b59d5eaff3f60caf46a6786fc7ff8

SHA256
5321d780da31a1fa35c044470ef849a2f6244048855fdc4c22e527b6366a0ef7

SHA512
34bad6f9713c5837d3139dcb3a49239373fe5c242f31c3ca539888d16c2d5e63074c806e700553bdf9b6879e3c2b48c835a900df4ff8dfa96afd041d2357733e

Download Submit
/tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg

Filesize
5KB

MD5
34aa70714b28c0918716b6ce3bdb945e

SHA1
5c7cd1296bc98e2ea0e221beb45f8cbe65dd3016

SHA256
30ffc1b01e43be791a595d5125e9ce283b206ca8dd299ea2149ee01d7a39895e

SHA512
f06340e985e01e7aa3a03dc662f4a084c835f0a39e3af40616851d80bfc5948786cf10a403811fb5c46a98f949e7cfdfc1bb481a5bdfda9376812566dc55140d

Download Submit
/tmp/apt-key-gpghome.E3Yi6Dy1kV/pubring.gpg

Filesize
7KB

MD5
b3bf35c5e796db394a50f96b908b690f

SHA1
b1e90de4d9d88bac6c67926c0ff6263e3ef7c2d2

SHA256
cf419d6c58bea5f2586043ecbad4c44f27d6f6060e5be19993b857105a5be094

SHA512
a97f8881c83ddc681623e4f503f8f758afe85ae6c34e2339a635e9521ae1303aebb90a6bef7c1136b6bd2b7418facacf98643f24e8bb40f1f93fb8a8ef714a96

Download Submit
/tmp/apt-key-gpghome.IQfZqKskSt/gpg.1.sh

Filesize
82B

MD5
08331e8f8c4305bf29f977e847d40dc6

SHA1
e0db0cb3ddcb44255cc5465d167dfe2ae8d86130

SHA256
44874933621df742e30a902c6e2d58eae35a13f28a345734d42c8a1b8106db88

SHA512
486d903a49c3418ba6baa9cdc555aff3bee1fd857923d56fdede03f9aedd7104b4d0725d852d144ca1ebe650be5d54e5b1429a119ce30fa9510fe956a0a63eac

Download Submit
/tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg

Filesize
2KB

MD5
79650cd189f35a29603fc43202d399ad

SHA1
e3bdd5aec56b59d5eaff3f60caf46a6786fc7ff8

SHA256
5321d780da31a1fa35c044470ef849a2f6244048855fdc4c22e527b6366a0ef7

SHA512
34bad6f9713c5837d3139dcb3a49239373fe5c242f31c3ca539888d16c2d5e63074c806e700553bdf9b6879e3c2b48c835a900df4ff8dfa96afd041d2357733e

Download Submit
/tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg

Filesize
5KB

MD5
34aa70714b28c0918716b6ce3bdb945e

SHA1
5c7cd1296bc98e2ea0e221beb45f8cbe65dd3016

SHA256
30ffc1b01e43be791a595d5125e9ce283b206ca8dd299ea2149ee01d7a39895e

SHA512
f06340e985e01e7aa3a03dc662f4a084c835f0a39e3af40616851d80bfc5948786cf10a403811fb5c46a98f949e7cfdfc1bb481a5bdfda9376812566dc55140d

Download Submit
/tmp/apt-key-gpghome.IQfZqKskSt/pubring.gpg

Filesize
7KB

MD5
b3bf35c5e796db394a50f96b908b690f

SHA1
b1e90de4d9d88bac6c67926c0ff6263e3ef7c2d2

SHA256
cf419d6c58bea5f2586043ecbad4c44f27d6f6060e5be19993b857105a5be094

SHA512
a97f8881c83ddc681623e4f503f8f758afe85ae6c34e2339a635e9521ae1303aebb90a6bef7c1136b6bd2b7418facacf98643f24e8bb40f1f93fb8a8ef714a96

Download Submit
/tmp/apt-key-gpghome.IQfZqKskSt/pubring.orig.gpg

Filesize
7KB

MD5
b3bf35c5e796db394a50f96b908b690f

SHA1
b1e90de4d9d88bac6c67926c0ff6263e3ef7c2d2

SHA256
cf419d6c58bea5f2586043ecbad4c44f27d6f6060e5be19993b857105a5be094

SHA512
a97f8881c83ddc681623e4f503f8f758afe85ae6c34e2339a635e9521ae1303aebb90a6bef7c1136b6bd2b7418facacf98643f24e8bb40f1f93fb8a8ef714a96

Download Submit
/tmp/apt-key-gpghome.MmotYeneuN/gpg.1.sh

Filesize
82B

MD5
5c431807ffb95d420f06e1bc810d36a4

SHA1
948fb65893d17abe128883b4356b851b78f5aa28

SHA256
af3fd814fb3f8592f1212eb3d4b50b80e954298a10681528dfd0168960df8345

SHA512
e8847d5b7b03e0043d7e7cdba0a3b71169bcfc67340c8c9fd74140b0b256f0f17b625da0f30694d5fccd06ff0355330e8a69b60cd1e84b3d7e5ee726d184562b

Download Submit
/tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg

Filesize
2KB

MD5
79650cd189f35a29603fc43202d399ad

SHA1
e3bdd5aec56b59d5eaff3f60caf46a6786fc7ff8

SHA256
5321d780da31a1fa35c044470ef849a2f6244048855fdc4c22e527b6366a0ef7

SHA512
34bad6f9713c5837d3139dcb3a49239373fe5c242f31c3ca539888d16c2d5e63074c806e700553bdf9b6879e3c2b48c835a900df4ff8dfa96afd041d2357733e

Download Submit
/tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg

Filesize
5KB

MD5
34aa70714b28c0918716b6ce3bdb945e

SHA1
5c7cd1296bc98e2ea0e221beb45f8cbe65dd3016

SHA256
30ffc1b01e43be791a595d5125e9ce283b206ca8dd299ea2149ee01d7a39895e

SHA512
f06340e985e01e7aa3a03dc662f4a084c835f0a39e3af40616851d80bfc5948786cf10a403811fb5c46a98f949e7cfdfc1bb481a5bdfda9376812566dc55140d

Download Submit
/tmp/apt-key-gpghome.MmotYeneuN/pubring.gpg

Filesize
7KB

MD5
b3bf35c5e796db394a50f96b908b690f

SHA1
b1e90de4d9d88bac6c67926c0ff6263e3ef7c2d2

SHA256
cf419d6c58bea5f2586043ecbad4c44f27d6f6060e5be19993b857105a5be094

SHA512
a97f8881c83ddc681623e4f503f8f758afe85ae6c34e2339a635e9521ae1303aebb90a6bef7c1136b6bd2b7418facacf98643f24e8bb40f1f93fb8a8ef714a96

Download Submit
/tmp/apt-key-gpghome.udx6jeCSBi/gpg.1.sh

Filesize
82B

MD5
8fb2411b0e714721cc3c14c0a58d3fc9

SHA1
98634be370361181100541fea60e51953a01ccd6

SHA256
cd2772092090672f06f9313cd7a812232f97090860da53b561d01c0141ddc71b

SHA512
0d7b2084599857eb45b9124c0de41c7c4e0c960d8c23b5239abc34523eb6fd71883979cddafb1cdbf94692a95734aef5e7946d5b04401217ee6720fb50825e70

Download Submit
/tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg

Filesize
2KB

MD5
79650cd189f35a29603fc43202d399ad

SHA1
e3bdd5aec56b59d5eaff3f60caf46a6786fc7ff8

SHA256
5321d780da31a1fa35c044470ef849a2f6244048855fdc4c22e527b6366a0ef7

SHA512
34bad6f9713c5837d3139dcb3a49239373fe5c242f31c3ca539888d16c2d5e63074c806e700553bdf9b6879e3c2b48c835a900df4ff8dfa96afd041d2357733e

Download Submit
/tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg

Filesize
5KB

MD5
34aa70714b28c0918716b6ce3bdb945e

SHA1
5c7cd1296bc98e2ea0e221beb45f8cbe65dd3016

SHA256
30ffc1b01e43be791a595d5125e9ce283b206ca8dd299ea2149ee01d7a39895e

SHA512
f06340e985e01e7aa3a03dc662f4a084c835f0a39e3af40616851d80bfc5948786cf10a403811fb5c46a98f949e7cfdfc1bb481a5bdfda9376812566dc55140d

Download Submit
/tmp/apt-key-gpghome.udx6jeCSBi/pubring.gpg

Filesize
7KB

MD5
b3bf35c5e796db394a50f96b908b690f

SHA1
b1e90de4d9d88bac6c67926c0ff6263e3ef7c2d2

SHA256
cf419d6c58bea5f2586043ecbad4c44f27d6f6060e5be19993b857105a5be094

SHA512
a97f8881c83ddc681623e4f503f8f758afe85ae6c34e2339a635e9521ae1303aebb90a6bef7c1136b6bd2b7418facacf98643f24e8bb40f1f93fb8a8ef714a96

Download Submit
/tmp/apt.conf.YjLxRl

Filesize
10KB

MD5
216dd9cd5963d9cf0982b0a505097dbb

SHA1
21588d5d441aa7d81ec068ccf19df5d60a88f208

SHA256
d25dd24fe81fdf9088bd495e7c432c763cafedf6dc13791f5813a18210d71fcc

SHA512
b1c71b868cf43c934a1d34e266e09f7641cf5374e11771c9afb11de9e5662c1fe48fb50661785896bdd813c5f65a63e623ee075c7a0c878d0e7986c311611528

Download Submit
/tmp/apt.data.iTefCI

Filesize
235KB

MD5
373fe2f2ef99005d2550a482f09a3e51

SHA1
68e6572b55b1e77f7d171ebac7b2579b7a6bd51d

SHA256
7552d5ab0c3879756a860aaab8e7c2f8ffb9409ea9ff9e65fc046ba5c519ebe5

SHA512
def9e854b824d2fddc6a15f898be73cfb679ac38563f5af854546f49c9d5d2316a40176dc41d6b360bda7b65de53863a53e4eedadf6336000b031b77a113607b

Download Submit
/tmp/apt.sig.J2UHex

Filesize
819B

MD5
d5e6756b501abebfc16e6611e48606da

SHA1
a3270e96269204df29665bece4d3dd5947b38a9d

SHA256
c56395e30706b16a361d28d98758f356d404a32b9ad11cb684a108164197c4bb

SHA512
31a2d8307c1b898830b160234629c6ddd855cbc1e5f003013dff6b0681ca635ee83ee62e20fd404d667769d5f72d2fdc354e53266fd3584dab837f7c1f8ff55d

Download Submit
/tmp/fileutl.message.gnGav6

Filesize
235KB

MD5
373fe2f2ef99005d2550a482f09a3e51

SHA1
68e6572b55b1e77f7d171ebac7b2579b7a6bd51d

SHA256
7552d5ab0c3879756a860aaab8e7c2f8ffb9409ea9ff9e65fc046ba5c519ebe5

SHA512
def9e854b824d2fddc6a15f898be73cfb679ac38563f5af854546f49c9d5d2316a40176dc41d6b360bda7b65de53863a53e4eedadf6336000b031b77a113607b

Download Submit
/var/lib/apt/lists/partial/security.ubuntu.com_ubuntu_dists_bionic-security_InRelease

Filesize
86KB

MD5
88c67ddc29d62ed2da6b6824b4e94bdc

SHA1
e62d44b6878647d777bb7e4ede4124d0bdcad2b8

SHA256
42c928dd0ca09a8fabde4b08686105ea9345db994cfd4e89a6588e49f79e8f91

SHA512
b963d5894b9fc1e846cfca890bb5ba4d93b04e6a4fe57ccf8e9d2ac136ea8830ae87b311926dd9b4a00341a3822b10d2a7fbb93f537299f427e9b51bf452b06b

Download Submit
/var/lib/dpkg/arch-new

Filesize
11B

MD5
316d89ad577797b1b096fd75581f8a6e

SHA1
c8178651696abf51c9ecf025c675825d40f4ae0b

SHA256
279b0800c4410dee398be18200b897eb09071604ef455bce1f5f44283353e210

SHA512
bad946643693e35026ae7718e49c18df6fba2b046eb69d8d2d1f2e71a77a8b8261228c12485b90695116caf956437debe5345929ee7ccddcdebb85711f1e0a06

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads