Overview

overview

7

Static

static

1

bin/dir

ubuntu-18.04-amd64

bin/encrypt

ubuntu-18.04-amd64

bin/find

ubuntu-18.04-amd64

bin/hide

ubuntu-18.04-amd64

3

bin/hide

debian-9-armhf

3

bin/hide

debian-9-mips

3

bin/hide

debian-9-mipsel

1

bin/ifconfig

ubuntu-18.04-amd64

bin/ls

ubuntu-18.04-amd64

bin/lsof

ubuntu-18.04-amd64

bin/md5sum

ubuntu-18.04-amd64

bin/netstat

ubuntu-18.04-amd64

bin/ps

ubuntu-18.04-amd64

bin/pstree

ubuntu-18.04-amd64

bin/shp

ubuntu-18.04-amd64

1

bin/shp

debian-9-armhf

1

bin/shp

debian-9-mips

1

bin/shp

debian-9-mipsel

1

bin/shsb

ubuntu-18.04-amd64

1

bin/shsb

debian-9-armhf

1

bin/shsb

debian-9-mips

1

bin/shsb

debian-9-mipsel

1

bin/shsniff

ubuntu-18.04-amd64

bin/slocate

ubuntu-18.04-amd64

.sh/shhk.pub

windows7-x64

4

.sh/shhk.pub

windows10-2004-x64

3

.sh/sshd

ubuntu-18.04-amd64

7

bin/syslogd

ubuntu-18.04-amd64

bin/sz

ubuntu-18.04-amd64

1

bin/sz

debian-9-armhf

1

bin/sz

debian-9-mips

1

bin/sz

debian-9-mipsel

1

Analysis

  • max time kernel
    4s
  • max time network
    7s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    22/12/2023, 16:30

Sharing

Copy URL Twitter E-mail

Errors

Reason
platform exec: stat /lib/ld-linux.so.2: no such file or directory payload error: fork/exec /tmp/bin/encrypt: no such file or directory
Report Analysis Logs

General

  • Target

    bin/encrypt

  • Size

    14KB

  • MD5

    f5f44fab05bac3fe711c618923ed3ef8

  • SHA1

    72377df6287c05fc4df499c43a2b6c41f7499753

  • SHA256

    7c9816b5f1b840eb8c5ecfc0fed29972877ca5bd909469d03f26d3b8f837043d

  • SHA512

    f6da55b78d582f4fd47ef5484fe990454f39b635559b2ec5ae0ab4338267f53e1a0f47bfba523c8718fa24b403a9306c751b162bb1f65bfe82ed3a3f6668c19b

  • SSDEEP

    384:flGzV0z3vNhSM/2z8l8rsa8msMp8hs8c87sT8DsD8hss8as98iXZ:tb/s8l8rsa8msS8hs8c87sT8DsD8hssm

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/bin/encrypt
    /tmp/bin/encrypt
    1⤵
      PID:1536

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads