Resubmissions

12-06-2024 17:05

240612-vmcamasdqh 6

12-06-2024 16:56

240612-vft7vsscma 7

12-06-2024 16:50

240612-vcjxqasbna 6

12-06-2024 16:40

240612-t6wb6swank 6

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240611-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    12-06-2024 16:50

General

  • Target

    sketchyorignorant-main/SeTPKG

  • Size

    3KB

  • MD5

    db54abbcfb1b411867f6d5991a1ba975

  • SHA1

    839be61c1dae3590ff1e5b38a6256c7cd05dc28f

  • SHA256

    7c2f9cc834fffed940401038318cff0d03ade47cafdc14f6ec1378e277eae8b6

  • SHA512

    fac5b71ab5faa182815b7e80425ddbaf45967649ab131d4b4c71f01e137824326828746bd9a1618c0fcef3c774a7ed720b8f3b90c281af0f0efe81b2ca7f7edf

Score
6/10

Malware Config

Signatures

  • Deletes log files 1 TTPs 6 IoCs

    Deletes log files on the system.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/sketchyorignorant-main/SeTPKG
    /tmp/sketchyorignorant-main/SeTPKG
    1⤵
    • Deletes log files
    PID:1509
    • /bin/mkdir
      mkdir -p /var/log/setup/tmp
      2⤵
      • Reads runtime system information
      PID:1510
    • /bin/rm
      rm -f /var/log/setup/tmp/SeTSERIES /var/log/setup/tmp/tmpscript
      2⤵
      • Deletes log files
      PID:1511
    • /bin/cat
      cat
      2⤵
      PID:1512
    • /bin/cat
      cat
      2⤵
      PID:1513
    • /bin/cat
      cat
      2⤵
      PID:1514
    • /bin/cat
      cat
      2⤵
      PID:1515
    • /bin/cat
      cat
      2⤵
      PID:1516
    • /bin/cat
      cat
      2⤵
      PID:1517
    • /bin/cat
      cat
      2⤵
      PID:1518
    • /bin/cat
      cat
      2⤵
      PID:1519
    • /bin/cat
      cat
      2⤵
      PID:1520
    • /bin/cat
      cat
      2⤵
      PID:1521
    • /bin/cat
      cat
      2⤵
      PID:1522
    • /bin/cat
      cat
      2⤵
      PID:1523
    • /bin/cat
      cat
      2⤵
      PID:1524
    • /bin/cat
      cat
      2⤵
      PID:1525
    • /bin/cat
      cat
      2⤵
      PID:1526
    • /bin/cat
      cat
      2⤵
      PID:1527
    • /bin/cat
      cat
      2⤵
      PID:1528
    • /bin/rm
      rm -f /var/log/setup/tmp/series /var/log/setup/tmp/tmpscript
      2⤵
      • Deletes log files
      PID:1529

Network

MITRE ATT&CK Enterprise v15

Downloads

  • /var/log/setup/tmp/series
    Filesize: 87B

  • /var/log/setup/tmp/tmpscript
    Filesize: 511B

  • /var/log/setup/tmp/tmpscript
    Filesize: 619B

  • /var/log/setup/tmp/tmpscript
    Filesize: 752B

  • /var/log/setup/tmp/tmpscript
    Filesize: 846B

  • /var/log/setup/tmp/tmpscript
    Filesize: 969B

  • /var/log/setup/tmp/tmpscript
    Filesize: 2KB