Malware Analysis Report

2024-11-13 12:56

Sample ID 240607-blk2lagb24
Target Linux_setup.sh
SHA256 d53d6e1a2cbb6c4ff81ae70af13d7e34d78e77fa47eb3128b7aeeecbaece799b
Tags
score 1/10

Table of Contents

  Analysis Overview
  MITRE ATT&CK
  Analysis: static1
    Detonation Overview
    Signatures
  Analysis: behavioral1
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files
  Analysis: behavioral2
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files

Analysis Overview

score 1/10

SHA256 d53d6e1a2cbb6c4ff81ae70af13d7e34d78e77fa47eb3128b7aeeecbaece799b

Threat Level: No (potentially) malicious behavior was detected

The file Linux_setup.sh was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported 2024-06-07 01:14

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-07 01:13
Reported 2024-06-07 01:20
Platform debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-07 01:13
Reported 2024-06-07 01:23
Platform ubuntu2404-amd64-20240523-en
Max time network 128s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country  Destination          Domain                   Proto
US       8.8.8.8:53           download.oracle.com      udp
US       8.8.8.8:53           download.oracle.com      udp
N/A      224.0.0.251:5353                              udp
US       8.8.8.8:53           e2875.d.akamaiedge.net   udp
GB       2.21.188.103:443     download.oracle.com      tcp
US       8.8.8.8:53           portswigger.net          udp
US       8.8.8.8:53           portswigger.net          udp
IE       34.240.117.4:443     portswigger.net          tcp
US       8.8.8.8:53           portswigger-cdn.net      udp
US       8.8.8.8:53           portswigger-cdn.net      udp
US       18.239.208.109:443   portswigger-cdn.net      tcp

Files

N/A