Overview

overview

7

Static

static

1

bis-auto-install.sh

ubuntu-18.04-amd64

7

bis-auto-install.sh

debian-9-armhf

1

bis-auto-install.sh

debian-9-mips

bis-auto-install.sh

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

  • Target

    bis-auto-install.sh

  • Size

    7KB

  • Sample

    240522-pl66qabb71

  • MD5

    542b574e2b6038a92e5ed473a0266864

  • SHA1

    e54afef59fcb9f7fbc15c483eb120b40952e532d

  • SHA256

    140d25a8f864cba81d1c5fedd1e864431d04b9dc661037d57b46d0cb535b4793

  • SHA512

    2c7e61310a87387d0952b127c6b0aec888cda1752882a5610f419605c7b0ad063042771e8684521192e71fb922cb9035831b7e8407c50ef9ffae2466106fc701

  • SSDEEP

    192:5fTwb8ZXRyObv1GEeeO9JVq9ZYrqLWPt6wh:5fnuOb9clr2SPNh

Score
7/10
linuxrootkit

Malware Config

Targets

    • Target

      bis-auto-install.sh

    • Size

      7KB

    • MD5

      542b574e2b6038a92e5ed473a0266864

    • SHA1

      e54afef59fcb9f7fbc15c483eb120b40952e532d

    • SHA256

      140d25a8f864cba81d1c5fedd1e864431d04b9dc661037d57b46d0cb535b4793

    • SHA512

      2c7e61310a87387d0952b127c6b0aec888cda1752882a5610f419605c7b0ad063042771e8684521192e71fb922cb9035831b7e8407c50ef9ffae2466106fc701

    • SSDEEP

      192:5fTwb8ZXRyObv1GEeeO9JVq9ZYrqLWPt6wh:5fnuOb9clr2SPNh

    Score
    7/10
    rootkit

    • Flushes firewall rules

      Flushes/ disables firewall rules inside the Linux kernel.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks