Overview

overview

3

Static

static

1

addRepo-ports.sh

ubuntu-18.04-amd64

3

addRepo-ports.sh

debian-9-armhf

1

addRepo-ports.sh

debian-9-mips

addRepo-ports.sh

debian-9-mipsel

Analysis

  • max time kernel
    148s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    21/05/2024, 05:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    addRepo-ports.sh

  • Size

    3KB

  • MD5

    2e5aec65c4815ddaa9dada3f4fa0ba9a

  • SHA1

    36f4087b10f5211a6e9c6862c16ccf6536b57260

  • SHA256

    4e06726a6ae66aac75c6f0b2208acc902e4cfb14af7a65e53ea87f2ea3c080a7

  • SHA512

    534e7aaac38984abcc4cbd878ec9f3b6744f405a0baed2d9c820122c7dce064c3ceef107ecf84cca79ec8210fed670a42313052ffb3bec139cbadd24435d216b

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 7 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/addRepo-ports.sh
    /tmp/addRepo-ports.sh
    1⤵
      PID:1522
      • /bin/grep
        grep -c Ubuntu
        2⤵
          PID:1525
        • /bin/cat
          cat /etc/issue
          2⤵
            PID:1524
          • /usr/bin/dpkg
            dpkg --print-architecture
            2⤵
            • Reads runtime system information
            PID:1526
          • /usr/bin/sudo
            sudo apt-get update
            2⤵
            • Reads runtime system information
            PID:1527
          • /usr/bin/sudo
            sudo apt-get install curl
            2⤵
            • Reads runtime system information
            PID:1531
          • /usr/bin/curl
            curl -O https://mirror.coganng.com/addRepo.sh
            2⤵
              PID:1532

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads