General

  • Target

    linpeas.sh

  • Size

    827KB

  • Sample

    240522-nv5tksdh2v

  • MD5

    a9293ab3afa1d9954e657eaed91d9800

  • SHA1

    3929ed8e02dd3ca8a32afd6867fbb170a72f61d2

  • SHA256

    dec7046de5df46063e19a16976ffe1e236d1ec9efac44fd288a0595e5c9eaa53

  • SHA512

    870a9013a481ae2830b897ac10a4f02d559b5607fab0f3b1a713212a6bce1cbaf6b1044f6cae7c086bef914b98b7f86b7738746540da6d22cb9f388559236fe6

  • SSDEEP

    6144:AGtG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTr:wi4b3i+gD/Dbyw3/eqEPF

Score
7/10

Malware Config

Targets

    • Target

      linpeas.sh

    • Looks for SUID binaries

      Searches the filesystem for potential binaries to be used for privilege escalation (common during reconnaissance activity).

    • Checks hardware identifiers (DMI)

      Checks DMI information, which indicates whether the system is a virtual machine.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads data from the clipboard

      Attempts to collect data stored in the clipboard using the xclip tool.

    • Reads hardware information

      Accesses system information such as serial numbers and manufacturer names.

    • Reads network interface configuration

      Fetches information about one or more active network interfaces.

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Virtualization/Sandbox Evasion

    T1497 (2)

Discovery

  • Virtualization/Sandbox Evasion

    T1497 (2)

  • System Information Discovery

    T1082 (3)

  • System Network Configuration Discovery

    T1016 (2)

  • System Network Connections Discovery

    T1049 (1)
