b089fcd4a23591b5b94198f4efeb166d81aea76e5a5785d5e0c5e5c885ad9c5f | Triage

Analysis

max time kernel
154s
max time network
145s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
21-12-2023 22:58

Sharing

Report Analysis Logs

General

Target

gosh/gen-pass.h
Size

14KB
MD5

2af8736a176fe45f921519d637a636ad
SHA1

98deb3be2d29f6df2a0dbe61e62f3faabb31a541
SHA256

0a059b23b89a52d9f9e24e35251f68e72e2345d1b1d3e24814311bc0d6b75a1a
SHA512

698f82065e99986865be7af088c901d55ae3836e9e9ca7349483803782122f03234eff8874beab5359b40720410d50d765246a434c010fc8180e86e36b6b283b
SSDEEP

384:+si6F2+TAenEAlt6tWHbpwf5bUD2yt3YanX:+si62+TlKo7dl39X

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	/usr/sbin/apache/log	1521	gen-pass.h

/tmp/gosh/gen-pass.h
/tmp/gosh/gen-pass.h
1⤵
- Changes its process name
PID:1521

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads