d9d004e55744800cf40a6a448fa3ca1f6fd691786b6bbf79c583f90cc22b6139

Analysis

max time kernel
151s
max time network
122s
platform
linux_mips
resource
debian9-mipsbe-en-20211208
resource tags

arch:mipsimage:debian9-mipsbe-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
11/10/2023, 23:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

timer.sh
Size

1KB
MD5

4c59290399e5f4051d24999fa1dc64f2
SHA1

2f90e1631643e4dcb342f6181d1488459bfff0a0
SHA256

d9d004e55744800cf40a6a448fa3ca1f6fd691786b6bbf79c583f90cc22b6139
SHA512

56aeb169e1c7ead2becfc35938e7c6a04fe44a00bb0a1aa0312ed220ec800807e21a0f02dcc1283a2d21234a36d26e7fe85231ae664b6f043d7530e7d7e31e45

Score

3^/10

Malware Config

Signatures

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	find

/tmp/timer.sh
/tmp/timer.sh
1⤵
PID:325
- /bin/rm
  rm -rf "/root/Documents/*"
  2⤵
  PID:327
- /bin/rm
  rm -rf "/root/Desktop/*"
  2⤵
  PID:331
- /bin/rm
  rm -rf "/root/Downloads/*"
  2⤵
  PID:332
- /usr/bin/find
  find . -type f
  2⤵
  - Reads runtime system information
  PID:333
- /usr/bin/basename
  basename ./timer.sh
  2⤵
  PID:334
- /usr/bin/clear
  clear
  2⤵
  PID:335
- /bin/sleep
  sleep 1
  2⤵
  PID:336
- /usr/bin/clear
  clear
  2⤵
  PID:337
- /bin/sleep
  sleep 1
  2⤵
  PID:338
- /usr/bin/clear
  clear
  2⤵
  PID:339
- /bin/sleep
  sleep 1
  2⤵
  PID:340
- /usr/bin/clear
  clear
  2⤵
  PID:341
- /bin/sleep
  sleep 1
  2⤵
  PID:342
- /usr/bin/clear
  clear
  2⤵
  PID:343
- /bin/sleep
  sleep 1
  2⤵
  PID:344
- /usr/bin/clear
  clear
  2⤵
  PID:345
- /bin/sleep
  sleep 1
  2⤵
  PID:346
- /usr/bin/clear
  clear
  2⤵
  PID:347
- /bin/sleep
  sleep 1
  2⤵
  PID:348
- /usr/bin/clear
  clear
  2⤵
  PID:349
- /bin/sleep
  sleep 1
  2⤵
  PID:350
- /usr/bin/clear
  clear
  2⤵
  PID:351
- /bin/sleep
  sleep 1
  2⤵
  PID:352
- /usr/bin/clear
  clear
  2⤵
  PID:353
- /bin/sleep
  sleep 1
  2⤵
  PID:354
- /usr/bin/clear
  clear
  2⤵
  PID:355
- /bin/sleep
  sleep 1
  2⤵
  PID:356
- /usr/bin/clear
  clear
  2⤵
  PID:357
- /bin/sleep
  sleep 1
  2⤵
  PID:358
- /usr/bin/clear
  clear
  2⤵
  PID:359
- /bin/sleep
  sleep 1
  2⤵
  PID:360
- /usr/bin/clear
  clear
  2⤵
  PID:361
- /bin/sleep
  sleep 1
  2⤵
  PID:362
- /usr/bin/clear
  clear
  2⤵
  PID:363
- /bin/sleep
  sleep 1
  2⤵
  PID:367
- /usr/bin/clear
  clear
  2⤵
  PID:368
- /bin/sleep
  sleep 1
  2⤵
  PID:369
- /usr/bin/clear
  clear
  2⤵
  PID:370
- /bin/sleep
  sleep 1
  2⤵
  PID:371
- /usr/bin/clear
  clear
  2⤵
  PID:372
- /bin/sleep
  sleep 1
  2⤵
  PID:373
- /usr/bin/clear
  clear
  2⤵
  PID:374
- /bin/sleep
  sleep 1
  2⤵
  PID:375
- /usr/bin/clear
  clear
  2⤵
  PID:376
- /bin/sleep
  sleep 1
  2⤵
  PID:377
- /usr/bin/clear
  clear
  2⤵
  PID:378
- /bin/sleep
  sleep 1
  2⤵
  PID:379
- /usr/bin/clear
  clear
  2⤵
  PID:380
- /bin/sleep
  sleep 1
  2⤵
  PID:381
- /usr/bin/clear
  clear
  2⤵
  PID:382
- /bin/sleep
  sleep 1
  2⤵
  PID:383
- /usr/bin/clear
  clear
  2⤵
  PID:384
- /bin/sleep
  sleep 1
  2⤵
  PID:385
- /usr/bin/clear
  clear
  2⤵
  PID:386
- /bin/sleep
  sleep 1
  2⤵
  PID:387
- /usr/bin/clear
  clear
  2⤵
  PID:388
- /bin/sleep
  sleep 1
  2⤵
  PID:389
- /usr/bin/clear
  clear
  2⤵
  PID:390
- /bin/sleep
  sleep 1
  2⤵
  PID:391
- /usr/bin/clear
  clear
  2⤵
  PID:392
- /bin/sleep
  sleep 1
  2⤵
  PID:393
- /usr/bin/clear
  clear
  2⤵
  PID:394
- /bin/sleep
  sleep 1
  2⤵
  PID:395
- /usr/bin/clear
  clear
  2⤵
  PID:396
- /bin/sleep
  sleep 1
  2⤵
  PID:397
- /usr/bin/clear
  clear
  2⤵
  PID:398
- /bin/sleep
  sleep 1
  2⤵
  PID:399
- /usr/bin/clear
  clear
  2⤵
  PID:400
- /bin/sleep
  sleep 1
  2⤵
  PID:401
- /usr/bin/clear
  clear
  2⤵
  PID:402
- /bin/sleep
  sleep 1
  2⤵
  PID:403
- /usr/bin/clear
  clear
  2⤵
  PID:404
- /bin/sleep
  sleep 1
  2⤵
  PID:405
- /usr/bin/clear
  clear
  2⤵
  PID:406
- /bin/sleep
  sleep 1
  2⤵
  PID:407
- /usr/bin/clear
  clear
  2⤵
  PID:408
- /bin/sleep
  sleep 1
  2⤵
  PID:409
- /usr/bin/clear
  clear
  2⤵
  PID:410
- /bin/sleep
  sleep 1
  2⤵
  PID:411
- /usr/bin/clear
  clear
  2⤵
  PID:412
- /bin/sleep
  sleep 1
  2⤵
  PID:413
- /usr/bin/clear
  clear
  2⤵
  PID:414
- /bin/sleep
  sleep 1
  2⤵
  PID:415
- /usr/bin/clear
  clear
  2⤵
  PID:416
- /bin/sleep
  sleep 1
  2⤵
  PID:417
- /usr/bin/clear
  clear
  2⤵
  PID:418
- /bin/sleep
  sleep 1
  2⤵
  PID:419
- /usr/bin/clear
  clear
  2⤵
  PID:420
- /bin/sleep
  sleep 1
  2⤵
  PID:421
- /usr/bin/clear
  clear
  2⤵
  PID:422
- /bin/sleep
  sleep 1
  2⤵
  PID:423
- /usr/bin/clear
  clear
  2⤵
  PID:424
- /bin/sleep
  sleep 1
  2⤵
  PID:425
- /usr/bin/clear
  clear
  2⤵
  PID:426
- /bin/sleep
  sleep 1
  2⤵
  PID:427
- /usr/bin/clear
  clear
  2⤵
  PID:428
- /bin/sleep
  sleep 1
  2⤵
  PID:429
- /usr/bin/clear
  clear
  2⤵
  PID:430
- /bin/sleep
  sleep 1
  2⤵
  PID:431
- /usr/bin/clear
  clear
  2⤵
  PID:432
- /bin/sleep
  sleep 1
  2⤵
  PID:433
- /usr/bin/clear
  clear
  2⤵
  PID:434
- /bin/sleep
  sleep 1
  2⤵
  PID:435
- /usr/bin/clear
  clear
  2⤵
  PID:436
- /bin/sleep
  sleep 1
  2⤵
  PID:437
- /usr/bin/clear
  clear
  2⤵
  PID:438
- /bin/sleep
  sleep 1
  2⤵
  PID:439
- /usr/bin/clear
  clear
  2⤵
  PID:440
- /bin/sleep
  sleep 1
  2⤵
  PID:441
- /usr/bin/clear
  clear
  2⤵
  PID:442
- /bin/sleep
  sleep 1
  2⤵
  PID:443
- /usr/bin/clear
  clear
  2⤵
  PID:444
- /bin/sleep
  sleep 1
  2⤵
  PID:445
- /usr/bin/clear
  clear
  2⤵
  PID:446
- /bin/sleep
  sleep 1
  2⤵
  PID:447
- /usr/bin/clear
  clear
  2⤵
  PID:448
- /bin/sleep
  sleep 1
  2⤵
  PID:449
- /usr/bin/clear
  clear
  2⤵
  PID:450
- /bin/sleep
  sleep 1
  2⤵
  PID:451
- /usr/bin/clear
  clear
  2⤵
  PID:452
- /bin/sleep
  sleep 1
  2⤵
  PID:453
- /usr/bin/clear
  clear
  2⤵
  PID:456
- /bin/sleep
  sleep 1
  2⤵
  PID:460
- /usr/bin/clear
  clear
  2⤵
  PID:474
- /bin/sleep
  sleep 1
  2⤵
  PID:478
- /usr/bin/clear
  clear
  2⤵
  PID:483
- /bin/sleep
  sleep 1
  2⤵
  PID:485
- /usr/bin/clear
  clear
  2⤵
  PID:486
- /bin/sleep
  sleep 1
  2⤵
  PID:487
- /usr/bin/clear
  clear
  2⤵
  PID:488
- /bin/sleep
  sleep 1
  2⤵
  PID:489
- /usr/bin/clear
  clear
  2⤵
  PID:490
- /bin/sleep
  sleep 1
  2⤵
  PID:491
- /usr/bin/clear
  clear
  2⤵
  PID:492
- /bin/sleep
  sleep 1
  2⤵
  PID:496
- /usr/bin/clear
  clear
  2⤵
  PID:502
- /bin/sleep
  sleep 1
  2⤵
  PID:506
- /usr/bin/clear
  clear
  2⤵
  PID:513
- /bin/sleep
  sleep 1
  2⤵
  PID:517
- /usr/bin/clear
  clear
  2⤵
  PID:524
- /bin/sleep
  sleep 1
  2⤵
  PID:527
- /usr/bin/clear
  clear
  2⤵
  PID:537
- /bin/sleep
  sleep 1
  2⤵
  PID:541
- /usr/bin/clear
  clear
  2⤵
  PID:547
- /bin/sleep
  sleep 1
  2⤵
  PID:548

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads