General
Target: exec.sh
Size: 842B
Sample: 240313-2y312sbf3w
MD5: 4eeac4436b9c68f85b1c3a2bae62d3f3
SHA1: 4895bfd63ba3ae5fd97f69c4a243d4bae7eddfa1
SHA256: bfa195bd238473bfead86e74b796c4721d1f5281c284b96ff29d8806a82a6520
SHA512: e0091672dd843f9dd87b50f43c8b09711cd1b02c40a5a8e51a53878cdd213881328583e99d1d92aef5c497abdd3f181fe6f3a740aedb7d66918c05788bbd0e5b

Static task: static1
Behavioral task: behavioral1 (Sample: exec.sh, Resource: ubuntu1804-amd64-20240226-en)
Behavioral task: behavioral2 (Sample: exec.sh, Resource: debian9-armhf-20240226-en)
Behavioral task: behavioral3 (Sample: exec.sh, Resource: debian9-mipsbe-20240226-en)
Behavioral task: behavioral4 (Sample: exec.sh, Resource: debian9-mipsel-20240226-en)

Malware Config
Targets
Target: exec.sh
Score: 8/10

Modifies password files for system users/groups
Modifies files storing password hashes of existing users/groups, likely to grant additional privileges.

Executes dropped EXE

Adds a user to the system

Checks CPU configuration
Checks CPU information, which indicates whether the system is a virtual machine.

Creates/modifies environment variables
Creating/modifying environment variables is a common persistence mechanism.

Modifies Bash startup script