Analysis

  • max time kernel
    5s
  • max time network
    1119s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20221111-en
  • resource tags
    arch:mips image:debian9-mipsbe-20221111-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    01/07/2023, 15:36 UTC

General

  • Target

    controlloid-server-master/dist/linux/start.sh

  • Size

    414B

  • MD5

    9b9aa7636bdb1df9e7da45fe72a29c71

  • SHA1

    b4f9643ed86ba2821b57d468467afa38d2bbf40b

  • SHA256

    62d7f98315d09ca7fd0e3b2bc34c831bd5fac624988485674a005f9ebc81d375

  • SHA512

    60673902da5b2bc899934aa72ec4c4e044cfb86a6119287cc0d05a98fbf43e75b2edbfa62bebe5d378a487b455bfd408769555f9995cb664cf4a4f06d34bcb9c

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/controlloid-server-master/dist/linux/start.sh
    /tmp/controlloid-server-master/dist/linux/start.sh
    1⤵
      PID:337
    • /usr/local/sbin/bash
      bash /tmp/controlloid-server-master/dist/linux/start.sh
      1⤵
        PID:337
      • /usr/local/bin/bash
        bash /tmp/controlloid-server-master/dist/linux/start.sh
        1⤵
          PID:337
        • /usr/sbin/bash
          bash /tmp/controlloid-server-master/dist/linux/start.sh
          1⤵
            PID:337
          • /usr/bin/bash
            bash /tmp/controlloid-server-master/dist/linux/start.sh
            1⤵
              PID:337
            • /sbin/bash
              bash /tmp/controlloid-server-master/dist/linux/start.sh
              1⤵
                PID:337
              • /bin/bash
                bash /tmp/controlloid-server-master/dist/linux/start.sh
                1⤵
                  PID:337
                  • /usr/bin/dirname
                    dirname /tmp/controlloid-server-master/dist/linux/start.sh
                    2⤵
                      PID:338
                    • /sbin/ip
                      ip -4 -o addr show scope global
                      2⤵
                        PID:341
                      • /usr/bin/sort
                        sort
                        2⤵
                          PID:343
                        • /usr/bin/awk
                          awk "{gsub(/\\/.*/,\"\",\$4); print \$2, \"http://\"\$4\":31415/\"}"
                          2⤵
                            PID:342
                          • /bin/sed
                            sed "s/\\(http.\\+\\)/\\1/"
                            2⤵
                            • Reads runtime system information
                            PID:344
                          • /tmp/controlloid-server-master/dist/linux/websocketd/websocketd
                            ./websocketd/websocketd --binary --port 31415 "--staticdir=." ./bin/ws_handler
                            2⤵
                              PID:349

Network

MITRE ATT&CK Matrix

Downloads