Overview

overview

3

Static

static

3

56元1年_...��.url

windows7-x64

1

56元1年_...��.url

windows10-2004-x64

1

jetbra/ja-...er.jar

windows7-x64

1

jetbra/ja-...er.jar

windows10-2004-x64

1

jetbra/plu...ns.jar

windows7-x64

1

jetbra/plu...ns.jar

windows10-2004-x64

1

jetbra/plu...me.jar

windows7-x64

1

jetbra/plu...me.jar

windows10-2004-x64

1

jetbra/plu...er.jar

windows7-x64

1

jetbra/plu...er.jar

windows10-2004-x64

1

jetbra/plu...rl.jar

windows7-x64

1

jetbra/plu...rl.jar

windows10-2004-x64

1

jetbra/scr...rs.vbs

windows7-x64

1

jetbra/scr...rs.vbs

windows10-2004-x64

3

jetbra/scr...er.vbs

windows7-x64

1

jetbra/scr...er.vbs

windows10-2004-x64

1

jetbra/scr...all.sh

ubuntu-18.04-amd64

3

jetbra/scr...all.sh

debian-9-armhf

3

jetbra/scr...all.sh

debian-9-mips

1

jetbra/scr...all.sh

debian-9-mipsel

3

jetbra/scr...rs.vbs

windows7-x64

3

jetbra/scr...rs.vbs

windows10-2004-x64

3

jetbra/scr...er.vbs

windows7-x64

1

jetbra/scr...er.vbs

windows10-2004-x64

1

jetbra/scr...all.sh

ubuntu-18.04-amd64

3

jetbra/scr...all.sh

debian-9-armhf

3

jetbra/scr...all.sh

debian-9-mips

3

jetbra/scr...all.sh

debian-9-mipsel

3

使用说�...��.pdf

windows7-x64

1

使用说�...��.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    2s
  • max time network
    153s
  • platform
    linux_mips
  • resource
    debian9-mipsbe-en-20211208
  • resource tags

    arch:mipsimage:debian9-mipsbe-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    17-08-2023 05:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jetbra/scripts/uninstall.sh

  • Size

    1KB

  • MD5

    f8d12ad74edc1df03c1d71e723cf7317

  • SHA1

    437f66132747f12edaa30d81052b08f8ce99e7ed

  • SHA256

    ec93dfcdf02f00f21bff552e3ee6899850877a8cc7dd08033d474050ac67a956

  • SHA512

    5c46956b4497856e881b27aaa2f3306fa7922af180b52aacd1cc4f7881b5ee05d22d02688079cae836d588aacf6592dc2cbcad08fa03925302d20317034031c0

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/jetbra/scripts/uninstall.sh
    /tmp/jetbra/scripts/uninstall.sh
    1⤵
      PID:335
      • /bin/uname
        uname -s
        2⤵
          PID:337
        • /usr/bin/touch
          touch /.profile
          2⤵
            PID:338
          • /usr/bin/touch
            touch /.bashrc
            2⤵
              PID:339
            • /usr/bin/touch
              touch /.zshrc
              2⤵
                PID:340
              • /bin/rm
                rm -rf /.jetbrains.vmoptions.sh
                2⤵
                  PID:342
                • /bin/sed
                  sed -i "/___MY_VMOPTIONS_SHELL_FILE=\"\${HOME}\\/\\.jetbrains\\.vmoptions\\.sh\"; if /d" /.profile
                  2⤵
                  • Reads runtime system information
                  PID:346
                • /bin/sed
                  sed -i "/___MY_VMOPTIONS_SHELL_FILE=\"\${HOME}\\/\\.jetbrains\\.vmoptions\\.sh\"; if /d" /.bashrc
                  2⤵
                  • Reads runtime system information
                  PID:347
                • /bin/sed
                  sed -i "/___MY_VMOPTIONS_SHELL_FILE=\"\${HOME}\\/\\.jetbrains\\.vmoptions\\.sh\"; if /d" /.zshrc
                  2⤵
                  • Reads runtime system information
                  PID:348
                • /bin/rm
                  rm -rf /.config/plasma-workspace/env/jetbrains.vmoptions.sh
                  2⤵
                    PID:349

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads