Resubmissions

12-06-2024 17:05

240612-vmcamasdqh 6

12-06-2024 16:56

240612-vft7vsscma 7

12-06-2024 16:50

240612-vcjxqasbna 6

12-06-2024 16:40

240612-t6wb6swank 6

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240611-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    12-06-2024 16:50

General

  • Target

    sketchyorignorant-main/SeTfull

  • Size

    1012B

  • MD5

    0a5cecadde19bd6f6e0de5c6af9882d3

  • SHA1

    563108c74444e5d6f95d562072948e3eda13919f

  • SHA256

    a0b755b9149834e54afb438e975835fe8c158e7fb0b4d0f053ad7f9321724bad

  • SHA512

    327dc67bd395dd2e4355abeb52d9cc741c9ca796d6855353e38d8fd2e0bfd12f3b7ae97b354d00699a03a4ed37b6b113c8c87b30953c2f64fd76e7b0c36c67a8

Score
6/10

Malware Config

Signatures

  • Deletes log files 1 TTPs 2 IoCs

    Deletes log files on the system.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/sketchyorignorant-main/SeTfull
    /tmp/sketchyorignorant-main/SeTfull
    1⤵
      PID:1520
      • /bin/mkdir
        mkdir -p /var/log/setup/tmp
        2⤵
        • Reads runtime system information
        PID:1521
      • /bin/dd
        dd "if=/dev/zero" "of=/var/log/setup/tmp/SeTtestfull" "bs=1024" "count=256"
        2⤵
        • Deletes log files
        PID:1522
      • /bin/rm
        rm -f /var/log/setup/tmp/SeTtestfull
        2⤵
        • Deletes log files
        PID:1523

    Network

    MITRE ATT&CK Enterprise v15

    Downloads

    • /var/log/setup/tmp/SeTtestfull
      Filesize

      256KB

      MD5

      ec87a838931d4d5d2e94a04644788a55

      SHA1

      2e000fa7e85759c7f4c254d4d9c33ef481e459a7

      SHA256

      8a39d2abd3999ab73c34db2476849cddf303ce389b35826850f9a700589b4a90

      SHA512

      9dd0c30167fbeaf68dfbbad8e1af552a7a1fcae120b6e04f1b41fa76c76d5a78922ff828f5cffd8c02965cde57d63dcbfb4c479b3cb49c9d8107a7d5244e9d03