f57892b0ef5678cf46a32964789fca7b2395527e05c98105bb4dd81d1da78a34 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

linpeas.sh

ubuntu-18.04-amd64

7

linpeas.sh

debian-9-armhf

1

linpeas.sh

debian-9-mips

linpeas.sh

debian-9-mipsel

Sharing

General

Target

linpeas.sh
Size

816KB
Sample

240523-nzqkfsfb3x
MD5

0e1f041d4e0c23943e0b046520c9cd07
SHA1

d7d93deda88b8c0615eb45861d80a4f48525ab3a
SHA256

f57892b0ef5678cf46a32964789fca7b2395527e05c98105bb4dd81d1da78a34
SHA512

677f6b1268c8ed8f8f62b2149ea41c44df741bd44ba8dbcb987732049d2889676c6610d823350ace5d13d9a93c9a1b47021dde3bc4e9645cbfb9714b7fd7866e
SSDEEP

6144:aOtG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTj:WiLd5dawKnDTyw3psYEI

Score

7^/10

antivm linux

Static task

static1

Behavioral task

behavioral1

Sample

linpeas.sh

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

linpeas.sh

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

linpeas.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

linpeas.sh

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  linpeas.sh
- Size
  
  816KB
- MD5
  
  0e1f041d4e0c23943e0b046520c9cd07
- SHA1
  
  d7d93deda88b8c0615eb45861d80a4f48525ab3a
- SHA256
  
  f57892b0ef5678cf46a32964789fca7b2395527e05c98105bb4dd81d1da78a34
- SHA512
  
  677f6b1268c8ed8f8f62b2149ea41c44df741bd44ba8dbcb987732049d2889676c6610d823350ace5d13d9a93c9a1b47021dde3bc4e9645cbfb9714b7fd7866e
- SSDEEP
  
  6144:aOtG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTj:WiLd5dawKnDTyw3psYEI
Score

7^/10

antivm
- Looks for SUID binaries
  Searches the filesystem for potential binaries to be used for privilege esclatation (common during reconnaissance activity).
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads data from the clipboard
  Attempts to collect data stored in the clipboard using xclip tool.
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
- Reads network interface configuration
  Fetches information about one or more active network interfaces.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy