Overview

overview

3

Static

static

1

test.zip

windows7-x64

1

test.zip

windows10-2004-x64

1

test/bin/rtcwake

ubuntu-18.04-amd64

1

test/bin/run-init

ubuntu-18.04-amd64

1

test/bin/run-parts

ubuntu-18.04-amd64

1

test/bin/runlevel

ubuntu-18.04-amd64

1

test/bin/runsv

ubuntu-18.04-amd64

1

test/bin/runsvdir

ubuntu-18.04-amd64

1

test/bin/rx

ubuntu-18.04-amd64

1

test/bin/script

ubuntu-18.04-amd64

3

test/bin/scriptreplay

ubuntu-18.04-amd64

1

test/bin/sed

ubuntu-18.04-amd64

1

test/bin/sendmail

ubuntu-18.04-amd64

1

test/bin/seq

ubuntu-18.04-amd64

1

test/bin/setarch

ubuntu-20.04-amd64

1

test/bin/setconsole

ubuntu-18.04-amd64

1

test/bin/setfattr

ubuntu-18.04-amd64

1

test/bin/setfont

ubuntu-18.04-amd64

1

test/bin/setkeycodes

ubuntu-18.04-amd64

1

test/bin/setlogcons

ubuntu-18.04-amd64

1

test/bin/setpriv

ubuntu-18.04-amd64

1

test/bin/setserial

ubuntu-18.04-amd64

1

test/bin/setsid

ubuntu-18.04-amd64

1

test/bin/setuidgid

ubuntu-18.04-amd64

1

test/bin/sh

ubuntu-18.04-amd64

1

test/bin/sha1sum

ubuntu-18.04-amd64

1

test/bin/sha256sum

ubuntu-18.04-amd64

1

test/bin/sha3sum

ubuntu-18.04-amd64

1

test/bin/sha512sum

ubuntu-18.04-amd64

1

test/bin/showkey

ubuntu-20.04-amd64

1

test/bin/shred

ubuntu-18.04-amd64

1

test/bin/shuf

ubuntu-18.04-amd64

1

Resubmissions

21/02/2024, 21:33

240221-1ebl1sff21 1

21/02/2024, 21:21

240221-z7ptnsfd7t 3

21/02/2024, 21:11

240221-z1lhnsfh42 6

21/02/2024, 20:59

240221-zs7qyafc41 6

21/02/2024, 20:49

240221-zl1n2sfb6y 3

21/02/2024, 20:37

240221-zefqasfe76 6

21/02/2024, 20:24

240221-y65m3aeh3v 6

21/02/2024, 20:10

240221-yxsl5sfc47 6

21/02/2024, 19:59

240221-yqk9gsef4y 6

21/02/2024, 19:43

240221-ye7ncaeh25 6

Analysis

  • max time kernel
    5s
  • max time network
    67s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240221-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    21/02/2024, 20:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    test/bin/script

  • Size

    1.1MB

  • MD5

    991461b86aebecfd096dc11ff2a04b4b

  • SHA1

    dc5074340d4631bbf89adc122e8f1a3ca8d87564

  • SHA256

    dcd9a5af1c6297ed1a66c851efa305000335d8ade068ba515125a6612f1d5300

  • SHA512

    8692fb03afbb9601444911167f579c23dfece59d04816b18591f7eb712572f63ce7b12e42dcc02f0e67110208f31f44501708f4b8d0fd8f20be6f1ea3bc0f3a5

  • SSDEEP

    24576:qpLODejvoXyo2dIfScaxJZ7+0T8eaj+I++lZq49k77i:kLODe0XgdI83ak4/9k7u

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/test/bin/script
    /tmp/test/bin/script
    1⤵
    • Writes file to tmp directory
    PID:1528
    • /bin/bash
      /bin/bash -i
      2⤵
        PID:1529
    • /usr/bin/groups
      groups
      1⤵
        PID:1531
      • /usr/bin/lesspipe
        lesspipe
        1⤵
          PID:1533
          • /usr/bin/basename
            basename /usr/bin/lesspipe
            2⤵
              PID:1534
          • /usr/bin/dirname
            dirname /usr/bin/lesspipe
            1⤵
              PID:1536
            • /usr/bin/dircolors
              dircolors -b
              1⤵
                PID:1538

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /tmp/test/bin/typescript
                Filesize

                51B

                MD5

                b60074e205f0cfae43eacd94f825d393

                SHA1

                acc20bec8bc88e591503b45d442586bb3c7df878

                SHA256

                3028bca8b7611bd1c630c07a1f9d5d5e7f642dbd145e8e4a26a680ad8c7cbecd

                SHA512

                d689779c3e1e483bf800e76cb41e617462c36ee479545115415c3dfcf7efa74daba897e45ef0a596c8541fd5b4da5c9bc5a1389cd28d2d61874c44d57e6d06c3

                Download Submit