60bd26163a6935d6014fbb2fa60824245a598dd8992cc983cb86f6361ae9623f

Analysis

max time kernel
30s
max time network
129s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
22-05-2024 12:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

install.sh
Size

1KB
MD5

4cabe5bad7fa0da76f7951f87b2fb0c3
SHA1

49f1b11b3c6dd601df80dcc6b2a0bed52eab9a3d
SHA256

60bd26163a6935d6014fbb2fa60824245a598dd8992cc983cb86f6361ae9623f
SHA512

b9db008f1c27218f54df0efaf64ac94c9bfc58316fbc154438864c460d908bf264e0e3e84b53854f0b364292e7f26b19e85987005c71468dcd4790d68aed9379

Score

3^/10

Malware Config

Signatures

Reads runtime system information 2 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp

/tmp/install.sh
/tmp/install.sh
1⤵
PID:1495
- /bin/cp
  cp .env.example .env
  2⤵
  - Reads runtime system information
  PID:1496
- /bin/cp
  cp -R packages/marvel/stubs-backup packages/marvel/stubs
  2⤵
  - Reads runtime system information
  PID:1497
- /tmp/vendor/bin/sail
  ./vendor/bin/sail down
  2⤵
  PID:1499
- /tmp/vendor/bin/sail
  ./vendor/bin/sail up -d
  2⤵
  PID:1500
- /tmp/vendor/bin/sail
  ./vendor/bin/sail artisan key:generate
  2⤵
  PID:1501
- /bin/sleep
  sleep 1
  2⤵
  PID:1503
- /bin/sleep
  sleep 30
  2⤵
  PID:1502
- /bin/sleep
  sleep 1
  2⤵
  PID:1507
- /bin/sleep
  sleep 1
  2⤵
  PID:1508
- /bin/sleep
  sleep 1
  2⤵
  PID:1509
- /bin/sleep
  sleep 1
  2⤵
  PID:1510
- /bin/sleep
  sleep 1
  2⤵
  PID:1511
- /bin/sleep
  sleep 1
  2⤵
  PID:1512
- /bin/sleep
  sleep 1
  2⤵
  PID:1513
- /bin/sleep
  sleep 1
  2⤵
  PID:1514
- /bin/sleep
  sleep 1
  2⤵
  PID:1515
- /bin/sleep
  sleep 1
  2⤵
  PID:1516
- /bin/sleep
  sleep 1
  2⤵
  PID:1517
- /bin/sleep
  sleep 1
  2⤵
  PID:1518
- /bin/sleep
  sleep 1
  2⤵
  PID:1519
- /bin/sleep
  sleep 1
  2⤵
  PID:1520
- /bin/sleep
  sleep 1
  2⤵
  PID:1521
- /bin/sleep
  sleep 1
  2⤵
  PID:1522
- /bin/sleep
  sleep 1
  2⤵
  PID:1523
- /bin/sleep
  sleep 1
  2⤵
  PID:1524
- /bin/sleep
  sleep 1
  2⤵
  PID:1525
- /bin/sleep
  sleep 1
  2⤵
  PID:1526
- /bin/sleep
  sleep 1
  2⤵
  PID:1527
- /bin/sleep
  sleep 1
  2⤵
  PID:1528
- /bin/sleep
  sleep 1
  2⤵
  PID:1529
- /bin/sleep
  sleep 1
  2⤵
  PID:1530
- /bin/sleep
  sleep 1
  2⤵
  PID:1531
- /bin/sleep
  sleep 1
  2⤵
  PID:1532
- /bin/sleep
  sleep 1
  2⤵
  PID:1533
- /bin/sleep
  sleep 1
  2⤵
  PID:1534
- /bin/sleep
  sleep 1
  2⤵
  PID:1535
- /tmp/vendor/bin/sail
  ./vendor/bin/sail artisan marvel:install
  2⤵
  PID:1538
- /tmp/vendor/bin/sail
  ./vendor/bin/sail artisan storage:link
  2⤵
  PID:1539

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads