d9d004e55744800cf40a6a448fa3ca1f6fd691786b6bbf79c583f90cc22b6139

Analysis

max time kernel
150s
max time network
155s
platform
debian-9_mipsel
resource
debian9-mipsel-20230831-en
resource tags

arch:mipselimage:debian9-mipsel-20230831-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
11/10/2023, 23:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

timer.sh
Size

1KB
MD5

4c59290399e5f4051d24999fa1dc64f2
SHA1

2f90e1631643e4dcb342f6181d1488459bfff0a0
SHA256

d9d004e55744800cf40a6a448fa3ca1f6fd691786b6bbf79c583f90cc22b6139
SHA512

56aeb169e1c7ead2becfc35938e7c6a04fe44a00bb0a1aa0312ed220ec800807e21a0f02dcc1283a2d21234a36d26e7fe85231ae664b6f043d7530e7d7e31e45

Score

3^/10

Malware Config

Signatures

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	find

/tmp/timer.sh
/tmp/timer.sh
1⤵
PID:346
- /bin/rm
  rm -rf "/root/Documents/*"
  2⤵
  PID:347
- /bin/rm
  rm -rf "/root/Desktop/*"
  2⤵
  PID:348
- /bin/rm
  rm -rf "/root/Downloads/*"
  2⤵
  PID:350
- /usr/bin/find
  find . -type f
  2⤵
  - Reads runtime system information
  PID:353
- /usr/bin/basename
  basename ./timer.sh
  2⤵
  PID:354
- /usr/bin/clear
  clear
  2⤵
  PID:355
- /bin/sleep
  sleep 1
  2⤵
  PID:356
- /usr/bin/clear
  clear
  2⤵
  PID:357
- /bin/sleep
  sleep 1
  2⤵
  PID:358
- /usr/bin/clear
  clear
  2⤵
  PID:359
- /bin/sleep
  sleep 1
  2⤵
  PID:360
- /usr/bin/clear
  clear
  2⤵
  PID:361
- /bin/sleep
  sleep 1
  2⤵
  PID:362
- /usr/bin/clear
  clear
  2⤵
  PID:363
- /bin/sleep
  sleep 1
  2⤵
  PID:364
- /usr/bin/clear
  clear
  2⤵
  PID:365
- /bin/sleep
  sleep 1
  2⤵
  PID:366
- /usr/bin/clear
  clear
  2⤵
  PID:367
- /bin/sleep
  sleep 1
  2⤵
  PID:368
- /usr/bin/clear
  clear
  2⤵
  PID:369
- /bin/sleep
  sleep 1
  2⤵
  PID:370
- /usr/bin/clear
  clear
  2⤵
  PID:371
- /bin/sleep
  sleep 1
  2⤵
  PID:372
- /usr/bin/clear
  clear
  2⤵
  PID:373
- /bin/sleep
  sleep 1
  2⤵
  PID:374
- /usr/bin/clear
  clear
  2⤵
  PID:375
- /bin/sleep
  sleep 1
  2⤵
  PID:376
- /usr/bin/clear
  clear
  2⤵
  PID:377
- /bin/sleep
  sleep 1
  2⤵
  PID:378
- /usr/bin/clear
  clear
  2⤵
  PID:379
- /bin/sleep
  sleep 1
  2⤵
  PID:380
- /usr/bin/clear
  clear
  2⤵
  PID:381
- /bin/sleep
  sleep 1
  2⤵
  PID:382
- /usr/bin/clear
  clear
  2⤵
  PID:383
- /bin/sleep
  sleep 1
  2⤵
  PID:384
- /usr/bin/clear
  clear
  2⤵
  PID:385
- /bin/sleep
  sleep 1
  2⤵
  PID:386
- /usr/bin/clear
  clear
  2⤵
  PID:387
- /bin/sleep
  sleep 1
  2⤵
  PID:388
- /usr/bin/clear
  clear
  2⤵
  PID:389
- /bin/sleep
  sleep 1
  2⤵
  PID:393
- /usr/bin/clear
  clear
  2⤵
  PID:394
- /bin/sleep
  sleep 1
  2⤵
  PID:395
- /usr/bin/clear
  clear
  2⤵
  PID:396
- /bin/sleep
  sleep 1
  2⤵
  PID:397
- /usr/bin/clear
  clear
  2⤵
  PID:398
- /bin/sleep
  sleep 1
  2⤵
  PID:399
- /usr/bin/clear
  clear
  2⤵
  PID:400
- /bin/sleep
  sleep 1
  2⤵
  PID:401
- /usr/bin/clear
  clear
  2⤵
  PID:402
- /bin/sleep
  sleep 1
  2⤵
  PID:403
- /usr/bin/clear
  clear
  2⤵
  PID:404
- /bin/sleep
  sleep 1
  2⤵
  PID:405
- /usr/bin/clear
  clear
  2⤵
  PID:406
- /bin/sleep
  sleep 1
  2⤵
  PID:407
- /usr/bin/clear
  clear
  2⤵
  PID:408
- /bin/sleep
  sleep 1
  2⤵
  PID:409
- /usr/bin/clear
  clear
  2⤵
  PID:410
- /bin/sleep
  sleep 1
  2⤵
  PID:411
- /usr/bin/clear
  clear
  2⤵
  PID:412
- /bin/sleep
  sleep 1
  2⤵
  PID:413
- /usr/bin/clear
  clear
  2⤵
  PID:414
- /bin/sleep
  sleep 1
  2⤵
  PID:415
- /usr/bin/clear
  clear
  2⤵
  PID:416
- /bin/sleep
  sleep 1
  2⤵
  PID:417
- /usr/bin/clear
  clear
  2⤵
  PID:418
- /bin/sleep
  sleep 1
  2⤵
  PID:419
- /usr/bin/clear
  clear
  2⤵
  PID:420
- /bin/sleep
  sleep 1
  2⤵
  PID:421
- /usr/bin/clear
  clear
  2⤵
  PID:422
- /bin/sleep
  sleep 1
  2⤵
  PID:423
- /usr/bin/clear
  clear
  2⤵
  PID:424
- /bin/sleep
  sleep 1
  2⤵
  PID:425
- /usr/bin/clear
  clear
  2⤵
  PID:426
- /bin/sleep
  sleep 1
  2⤵
  PID:427
- /usr/bin/clear
  clear
  2⤵
  PID:428
- /bin/sleep
  sleep 1
  2⤵
  PID:429
- /usr/bin/clear
  clear
  2⤵
  PID:430
- /bin/sleep
  sleep 1
  2⤵
  PID:431
- /usr/bin/clear
  clear
  2⤵
  PID:432
- /bin/sleep
  sleep 1
  2⤵
  PID:433
- /usr/bin/clear
  clear
  2⤵
  PID:434
- /bin/sleep
  sleep 1
  2⤵
  PID:435
- /usr/bin/clear
  clear
  2⤵
  PID:436
- /bin/sleep
  sleep 1
  2⤵
  PID:437
- /usr/bin/clear
  clear
  2⤵
  PID:438
- /bin/sleep
  sleep 1
  2⤵
  PID:439
- /usr/bin/clear
  clear
  2⤵
  PID:440
- /bin/sleep
  sleep 1
  2⤵
  PID:441
- /usr/bin/clear
  clear
  2⤵
  PID:442
- /bin/sleep
  sleep 1
  2⤵
  PID:443
- /usr/bin/clear
  clear
  2⤵
  PID:444
- /bin/sleep
  sleep 1
  2⤵
  PID:445
- /usr/bin/clear
  clear
  2⤵
  PID:446
- /bin/sleep
  sleep 1
  2⤵
  PID:447
- /usr/bin/clear
  clear
  2⤵
  PID:448
- /bin/sleep
  sleep 1
  2⤵
  PID:449
- /usr/bin/clear
  clear
  2⤵
  PID:450
- /bin/sleep
  sleep 1
  2⤵
  PID:451
- /usr/bin/clear
  clear
  2⤵
  PID:452
- /bin/sleep
  sleep 1
  2⤵
  PID:453
- /usr/bin/clear
  clear
  2⤵
  PID:454
- /bin/sleep
  sleep 1
  2⤵
  PID:455
- /usr/bin/clear
  clear
  2⤵
  PID:456
- /bin/sleep
  sleep 1
  2⤵
  PID:457
- /usr/bin/clear
  clear
  2⤵
  PID:458
- /bin/sleep
  sleep 1
  2⤵
  PID:459
- /usr/bin/clear
  clear
  2⤵
  PID:460
- /bin/sleep
  sleep 1
  2⤵
  PID:461
- /usr/bin/clear
  clear
  2⤵
  PID:462
- /bin/sleep
  sleep 1
  2⤵
  PID:463
- /usr/bin/clear
  clear
  2⤵
  PID:464
- /bin/sleep
  sleep 1
  2⤵
  PID:465
- /usr/bin/clear
  clear
  2⤵
  PID:466
- /bin/sleep
  sleep 1
  2⤵
  PID:467
- /usr/bin/clear
  clear
  2⤵
  PID:468
- /bin/sleep
  sleep 1
  2⤵
  PID:469
- /usr/bin/clear
  clear
  2⤵
  PID:470
- /bin/sleep
  sleep 1
  2⤵
  PID:471
- /usr/bin/clear
  clear
  2⤵
  PID:472
- /bin/sleep
  sleep 1
  2⤵
  PID:473
- /usr/bin/clear
  clear
  2⤵
  PID:474
- /bin/sleep
  sleep 1
  2⤵
  PID:475
- /usr/bin/clear
  clear
  2⤵
  PID:476
- /bin/sleep
  sleep 1
  2⤵
  PID:477
- /usr/bin/clear
  clear
  2⤵
  PID:478
- /bin/sleep
  sleep 1
  2⤵
  PID:479
- /usr/bin/clear
  clear
  2⤵
  PID:480
- /bin/sleep
  sleep 1
  2⤵
  PID:481
- /usr/bin/clear
  clear
  2⤵
  PID:482
- /bin/sleep
  sleep 1
  2⤵
  PID:483
- /usr/bin/clear
  clear
  2⤵
  PID:484
- /bin/sleep
  sleep 1
  2⤵
  PID:485
- /usr/bin/clear
  clear
  2⤵
  PID:486
- /bin/sleep
  sleep 1
  2⤵
  PID:487
- /usr/bin/clear
  clear
  2⤵
  PID:488
- /bin/sleep
  sleep 1
  2⤵
  PID:489
- /usr/bin/clear
  clear
  2⤵
  PID:490
- /bin/sleep
  sleep 1
  2⤵
  PID:491
- /usr/bin/clear
  clear
  2⤵
  PID:492
- /bin/sleep
  sleep 1
  2⤵
  PID:493
- /usr/bin/clear
  clear
  2⤵
  PID:498
- /bin/sleep
  sleep 1
  2⤵
  PID:507
- /usr/bin/clear
  clear
  2⤵
  PID:521
- /bin/sleep
  sleep 1
  2⤵
  PID:523
- /usr/bin/clear
  clear
  2⤵
  PID:524
- /bin/sleep
  sleep 1
  2⤵
  PID:525
- /usr/bin/clear
  clear
  2⤵
  PID:526
- /bin/sleep
  sleep 1
  2⤵
  PID:527
- /usr/bin/clear
  clear
  2⤵
  PID:528
- /bin/sleep
  sleep 1
  2⤵
  PID:529
- /usr/bin/clear
  clear
  2⤵
  PID:532
- /bin/sleep
  sleep 1
  2⤵
  PID:536
- /usr/bin/clear
  clear
  2⤵
  PID:546
- /bin/sleep
  sleep 1
  2⤵
  PID:551
- /usr/bin/clear
  clear
  2⤵
  PID:560
- /bin/sleep
  sleep 1
  2⤵
  PID:564
- /usr/bin/clear
  clear
  2⤵
  PID:576
- /bin/sleep
  sleep 1
  2⤵
  PID:581
- /usr/bin/clear
  clear
  2⤵
  PID:583
- /bin/sleep
  sleep 1
  2⤵
  PID:584
- /usr/bin/clear
  clear
  2⤵
  PID:585
- /bin/sleep
  sleep 1
  2⤵
  PID:586
- /usr/bin/clear
  clear
  2⤵
  PID:587
- /bin/sleep
  sleep 1
  2⤵
  PID:588
- /usr/bin/clear
  clear
  2⤵
  PID:595
- /bin/sleep
  sleep 1
  2⤵
  PID:600
- /usr/bin/clear
  clear
  2⤵
  PID:608
- /bin/sleep
  sleep 1
  2⤵
  PID:613
- /usr/bin/clear
  clear
  2⤵
  PID:622
- /bin/sleep
  sleep 1
  2⤵
  PID:624
- /usr/bin/clear
  clear
  2⤵
  PID:625

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads