cd95d9e18d59d4ba06f10bdddc96199b9088b0a5a03f7bccb00a80d806fff2ee | Triage

Analysis

max time kernel
2s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20230621-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20230621-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
26-08-2023 05:26

Sharing

Report Analysis Logs

General

Target

bad
Size

16KB
MD5

ca8d87c729681c5383acea9a30666d38
SHA1

21a418dca4bbbcdf9d08356db8d7f33e361f064d
SHA256

cd95d9e18d59d4ba06f10bdddc96199b9088b0a5a03f7bccb00a80d806fff2ee
SHA512

4657d557066f95b7305df5a0dc96ceb9ede07264ff2e1ad79196827ea04b2962e63d1f5b16eb727a0822e760cdffdbb768869aea78bf8894e889af15ff781da0
SSDEEP

192:RuJlwkU26MykklZ2T3OH/yYWF3d/oiUA:oUvkklgafWaA

Score

3^/10

Malware Config

Signatures

Reads runtime system information 4 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	sudo
File opened for reading	/proc/sys/kernel/ngroups_max	sudo
File opened for reading	/proc/self/stat	sudo
File opened for reading	/proc/self/fd	Process not Found

/tmp/bad
/tmp/bad
1⤵
PID:603
- /bin/sh
  sh -c "sudo rm -f /boot/grub/grub.cfg"
  2⤵
  PID:604
- - /usr/bin/sudo
    sudo rm -f /boot/grub/grub.cfg
    3⤵
    - Reads runtime system information
    PID:605
  - - /bin/rm
      rm -f /boot/grub/grub.cfg
      4⤵
      PID:606

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads