63aec742da1bc776b26ddcac9cda48f20401c39a1ff17169be5cb72ee8530e9f

Analysis

max time kernel
0s
max time network
128s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
22/05/2024, 12:20

Target

vds-fix.sh
Size

2KB
MD5

72305194edc054e7b1d6b40183e796a7
SHA1

0636a615aa03564aa25e77c4ca1d5d0c5b9b5d69
SHA256

63aec742da1bc776b26ddcac9cda48f20401c39a1ff17169be5cb72ee8530e9f
SHA512

c9535333d80ceb1011605128abfdd7a0259d146fc7ffb6aff7363d83960fd933c4276607e9ff00a82c0e6eed033fc8e3753cb1ce1dfcef46990fc21699069ef6

Score

3^/10

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	mkdir

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/VDSmanager-Linux/install.tgz	wget

/tmp/vds-fix.sh
/tmp/vds-fix.sh
1⤵
PID:1503
- /bin/uname
  uname -s
  2⤵
  PID:1504
- /bin/uname
  uname -m
  2⤵
  PID:1505
- /bin/uname
  uname -s
  2⤵
  PID:1506
- /bin/mkdir
  mkdir -p /tmp/VDSmanager-Linux
  2⤵
  - Reads runtime system information
  PID:1507
- /usr/bin/wget
  /usr/bin/wget -O /tmp/VDSmanager-Linux/install.tgz http://download.ispsystem.com/Linux-cc6/x86_64/VDSmanager-Linux/install.4.3.44.5.tgz
  2⤵
  - Writes file to tmp directory
  PID:1508
- /bin/rm
  rm -rf /tmp/VDSmanager-Linux
  2⤵
  PID:1509