General
-
Target
parkos_el8_install.sh
-
Size
8KB
-
Sample
240522-pkhrqsaf68
-
MD5
d0fa7e6e9a355416af8e8a80f5020fbf
-
SHA1
302ff953fd1aa1d941155646e0404f828e833781
-
SHA256
1635a72cb85b3332074c2d4962d11932d2826a8fe771ec60fbeb8feb0c72b433
-
SHA512
55d9aaef1f641196a013907d1ccb31f9c5670beb281751939ca84d3f7f703e354588f2eef5d75341f99e221cd21b7ac62ee470edecb2018ce12ed1044d5f574a
-
SSDEEP
192:C+2rjJrRrcthFAfh8uKFuuuUYm6MU8ptZ4rq0D0UyL4f7c3Kn6pAqgeCWY9cE9Tj:CTRri9p1zcz/qgXWY9cyIvrHu
Malware Config
Targets
-
-
Target
parkos_el8_install.sh
-
Size
8KB
-
MD5
d0fa7e6e9a355416af8e8a80f5020fbf
-
SHA1
302ff953fd1aa1d941155646e0404f828e833781
-
SHA256
1635a72cb85b3332074c2d4962d11932d2826a8fe771ec60fbeb8feb0c72b433
-
SHA512
55d9aaef1f641196a013907d1ccb31f9c5670beb281751939ca84d3f7f703e354588f2eef5d75341f99e221cd21b7ac62ee470edecb2018ce12ed1044d5f574a
-
SSDEEP
192:C+2rjJrRrcthFAfh8uKFuuuUYm6MU8ptZ4rq0D0UyL4f7c3Kn6pAqgeCWY9cE9Tj:CTRri9p1zcz/qgXWY9cyIvrHu
Score6/10-
Adds a user to the system
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Creates/modifies environment variables
Creating/modifying environment variables is a common persistence mechanism.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies Bash startup script
-