b4cbd5ce32c87b5fc2dab1c544e0a8c89708984d3264221fc515ba4a6622ab4e | Triage

Submit
Reports

Overview

overview

7

Static

static

1

pk1.sh

ubuntu-18.04-amd64

7

Sharing

General

Target

pk1.sh
Size

1KB
Sample

231209-wyxalsbdh4
MD5

f87da0d400c7171dbc56bf6c68c3ec9f
SHA1

d418529c03edb3d0345be0ce8a4bce4f2f260f71
SHA256

b4cbd5ce32c87b5fc2dab1c544e0a8c89708984d3264221fc515ba4a6622ab4e
SHA512

9b710896e0dae72e47da2ef79c7cb17fa8354aed290a670cecd0fcaeb2f818dcc5a824e4f7529cca9e64cd1bcbaa989cfed3cb9cb1f5fc441a547d047cf0c194

Score

7^/10

linux persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

pk1.sh

Resource

ubuntu1804-amd64-20231201-en

persistence upx

ubuntu-18.04-amd64

8 signatures

300 seconds

Malware Config

Targets

- Target
  
  pk1.sh
- Size
  
  1KB
- MD5
  
  f87da0d400c7171dbc56bf6c68c3ec9f
- SHA1
  
  d418529c03edb3d0345be0ce8a4bce4f2f260f71
- SHA256
  
  b4cbd5ce32c87b5fc2dab1c544e0a8c89708984d3264221fc515ba4a6622ab4e
- SHA512
  
  9b710896e0dae72e47da2ef79c7cb17fa8354aed290a670cecd0fcaeb2f818dcc5a824e4f7529cca9e64cd1bcbaa989cfed3cb9cb1f5fc441a547d047cf0c194
Score

7^/10

persistence upx
- Changes its process name
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy