dec7046de5df46063e19a16976ffe1e236d1ec9efac44fd288a0595e5c9eaa53 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

linpeas.sh

ubuntu-18.04-amd64

7

linpeas.sh

debian-9-armhf

1

linpeas.sh

debian-9-mips

linpeas.sh

debian-9-mipsel

Sharing

General

Target

linpeas.sh
Size

827KB
Sample

240522-nv5tksdh2v
MD5

a9293ab3afa1d9954e657eaed91d9800
SHA1

3929ed8e02dd3ca8a32afd6867fbb170a72f61d2
SHA256

dec7046de5df46063e19a16976ffe1e236d1ec9efac44fd288a0595e5c9eaa53
SHA512

870a9013a481ae2830b897ac10a4f02d559b5607fab0f3b1a713212a6bce1cbaf6b1044f6cae7c086bef914b98b7f86b7738746540da6d22cb9f388559236fe6
SSDEEP

6144:AGtG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTr:wi4b3i+gD/Dbyw3/eqEPF

Score

7^/10

antivm linux

Static task

static1

Behavioral task

behavioral1

Sample

linpeas.sh

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

linpeas.sh

Resource

debian9-armhf-20240226-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

linpeas.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

linpeas.sh

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  linpeas.sh
- Size
  
  827KB
- MD5
  
  a9293ab3afa1d9954e657eaed91d9800
- SHA1
  
  3929ed8e02dd3ca8a32afd6867fbb170a72f61d2
- SHA256
  
  dec7046de5df46063e19a16976ffe1e236d1ec9efac44fd288a0595e5c9eaa53
- SHA512
  
  870a9013a481ae2830b897ac10a4f02d559b5607fab0f3b1a713212a6bce1cbaf6b1044f6cae7c086bef914b98b7f86b7738746540da6d22cb9f388559236fe6
- SSDEEP
  
  6144:AGtG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTr:wi4b3i+gD/Dbyw3/eqEPF
Score

7^/10

antivm
- Looks for SUID binaries
  Searches the filesystem for potential binaries to be used for privilege esclatation (common during reconnaissance activity).
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads data from the clipboard
  Attempts to collect data stored in the clipboard using xclip tool.
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
- Reads network interface configuration
  Fetches information about one or more active network interfaces.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy