Resubmissions
12-06-2024 17:05 | 240612-vmcamasdqh | 6
12-06-2024 16:56 | 240612-vft7vsscma | 7
12-06-2024 16:50 | 240612-vcjxqasbna | 6
12-06-2024 16:40 | 240612-t6wb6swank | 6

Analysis
max time kernel: 0s
max time network: 129s
platform: ubuntu-18.04_amd64
resource: ubuntu1804-amd64-20240611-en
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-20240611-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 12-06-2024 16:50

Static task: static1

Behavioral task | Sample | Resource
behavioral1 | sketchyorignorant-main/Microsoft-Windows-FoDMetadata-Package.cab | win7-20231129-en
behavioral2 | sketchyorignorant-main/Microsoft-Windows-FoDMetadata-Package.cab | win10v2004-20240611-en
behavioral3 | sketchyorignorant-main/Microsoft-Windows-Kernel-LA57-FoD-Package~31bf3856ad364e35~amd64~~.cab.lnk | win7-20231129-en
behavioral4 | sketchyorignorant-main/Microsoft-Windows-Kernel-LA57-FoD-Package~31bf3856ad364e35~amd64~~.cab.lnk | win10v2004-20240611-en
behavioral5 | sketchyorignorant-main/SeTDOS | ubuntu1804-amd64-20240508-en
behavioral6 | sketchyorignorant-main/SeTDOS | debian9-armhf-20240611-en
behavioral7 | sketchyorignorant-main/SeTDOS | debian9-mipsbe-20240611-en
behavioral8 | sketchyorignorant-main/SeTDOS | debian9-mipsel-20240418-en
behavioral9 | sketchyorignorant-main/SeTPKG | ubuntu1804-amd64-20240611-en
behavioral10 | sketchyorignorant-main/SeTPKG | debian9-armhf-20240418-en
behavioral11 | sketchyorignorant-main/SeTPKG | debian9-mipsbe-20240418-en
behavioral12 | sketchyorignorant-main/SeTPKG | debian9-mipsel-20240418-en
behavioral13 | sketchyorignorant-main/SeTconfig | ubuntu1804-amd64-20240611-en
behavioral14 | sketchyorignorant-main/SeTconfig | debian9-armhf-20240611-en
behavioral15 | sketchyorignorant-main/SeTconfig | debian9-mipsbe-20240611-en
behavioral16 | sketchyorignorant-main/SeTconfig | debian9-mipsel-20240418-en
behavioral17 | sketchyorignorant-main/SeTfdHELP | ubuntu1804-amd64-20240508-en
behavioral18 | sketchyorignorant-main/SeTfdHELP | debian9-armhf-20240611-en
behavioral19 | sketchyorignorant-main/SeTfdHELP | debian9-mipsbe-20240611-en
behavioral20 | sketchyorignorant-main/SeTfdHELP | debian9-mipsel-20240226-en
behavioral21 | sketchyorignorant-main/SeTfull | ubuntu1804-amd64-20240611-en
behavioral22 | sketchyorignorant-main/SeTfull | debian9-armhf-20240611-en
behavioral23 | sketchyorignorant-main/SeTfull | debian9-mipsbe-20240418-en
behavioral24 | sketchyorignorant-main/SeTfull | debian9-mipsel-20240418-en
behavioral25 | sketchyorignorant-main/SeTkernel | ubuntu1804-amd64-20240611-en
behavioral26 | sketchyorignorant-main/SeTkernel | debian9-armhf-20240418-en
behavioral27 | sketchyorignorant-main/SeTkernel | debian9-mipsbe-20240611-en
behavioral28 | sketchyorignorant-main/SeTkernel | debian9-mipsel-20240611-en
behavioral29 | sketchyorignorant-main/SeTkeymap | ubuntu1804-amd64-20240508-en
behavioral30 | sketchyorignorant-main/SeTkeymap | debian9-armhf-20240611-en
behavioral31 | sketchyorignorant-main/SeTkeymap | debian9-mipsbe-20240418-en
behavioral32 | sketchyorignorant-main/SeTkeymap | debian9-mipsel-20240418-en

General
Target: sketchyorignorant-main/SeTPKG
Size: 3KB
MD5: db54abbcfb1b411867f6d5991a1ba975
SHA1: 839be61c1dae3590ff1e5b38a6256c7cd05dc28f
SHA256: 7c2f9cc834fffed940401038318cff0d03ade47cafdc14f6ec1378e277eae8b6
SHA512: fac5b71ab5faa182815b7e80425ddbaf45967649ab131d4b4c71f01e137824326828746bd9a1618c0fcef3c774a7ed720b8f3b90c281af0f0efe81b2ca7f7edf
Malware Config

Signatures

Deletes log files (1 TTPs, 6 IoCs)
Deletes log files on the system.
Processes: SeTPKG, rm, rm
description | ioc | process
File truncated | /var/log/setup/tmp/series | SeTPKG
File deleted | /var/log/setup/tmp/series | rm
File deleted | /var/log/setup/tmp/tmpscript | rm
File deleted | /var/log/setup/tmp/SeTSERIES | rm
File deleted | /var/log/setup/tmp/tmpscript | rm
File truncated | /var/log/setup/tmp/tmpscript | SeTPKG

Reads runtime system information (1 IoCs)
Reads data from /proc virtual filesystem.
Processes: mkdir
description | ioc | process
File opened for reading | /proc/filesystems | mkdir

Processes
[1] /tmp/sketchyorignorant-main/SeTPKG | /tmp/sketchyorignorant-main/SeTPKG | PID:1509 | Deletes log files
  [2] /bin/mkdir | mkdir -p /var/log/setup/tmp | PID:1510 | Reads runtime system information
  [2] /bin/rm | rm -f /var/log/setup/tmp/SeTSERIES /var/log/setup/tmp/tmpscript | PID:1511 | Deletes log files
  [2] /bin/cat | cat | PID:1512
  [2] /bin/cat | cat | PID:1513
  [2] /bin/cat | cat | PID:1514
  [2] /bin/cat | cat | PID:1515
  [2] /bin/cat | cat | PID:1516
  [2] /bin/cat | cat | PID:1517
  [2] /bin/cat | cat | PID:1518
  [2] /bin/cat | cat | PID:1519
  [2] /bin/cat | cat | PID:1520
  [2] /bin/cat | cat | PID:1521
  [2] /bin/cat | cat | PID:1522
  [2] /bin/cat | cat | PID:1523
  [2] /bin/cat | cat | PID:1524
  [2] /bin/cat | cat | PID:1525
  [2] /bin/cat | cat | PID:1526
  [2] /bin/cat | cat | PID:1527
  [2] /bin/cat | cat | PID:1528
  [2] /bin/rm | rm -f /var/log/setup/tmp/series /var/log/setup/tmp/tmpscript | PID:1529 | Deletes log files
Network
MITRE ATT&CK Enterprise v15
Downloads
/var/log/setup/tmp/series | Filesize: 87B
/var/log/setup/tmp/tmpscript | Filesize: 511B
/var/log/setup/tmp/tmpscript | Filesize: 619B
/var/log/setup/tmp/tmpscript | Filesize: 752B
/var/log/setup/tmp/tmpscript | Filesize: 846B
/var/log/setup/tmp/tmpscript | Filesize: 969B
/var/log/setup/tmp/tmpscript | Filesize: 2KB