cd7008c650825f52cbca100c5781bea035d1c7d0c2f7bc7ab1091c78847bb639

Analysis

max time kernel
150s
platform
debian-9_mipsel
resource
debian9-mipsel-20240418-en
resource tags

arch:mipselimage:debian9-mipsel-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
14/07/2024, 09:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bashbug
Size

7KB
MD5

d86a7d380a9c51c7752ccd291ff28ce8
SHA1

8e58609c5296d8a9af4d10df0d58f385f221dea7
SHA256

c51e7a86fea3b1efd025450b5a4b87b74b8c4d91a29ca0be039e35bf39067dd8
SHA512

2fa22efc6b8df447d4779fdd3f5e84b0d91f4c574b4a9c050412783ccbebc5f61cfd024d8d6122640c83a3fabcfcf661706c994ff306e0c04abff7b36c3aa20b
SSDEEP

192:B/Sx2wK0dPVZegYmXMda/yIGFl2cSabSPTw:Js2wK8PVQLdac7Bbv

Score

3^/10

Malware Config

Signatures

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	cp

Writes file to tmp directory 4 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/bbug.X4Mmwt	mktemp
File opened for modification	/tmp/bbug.itkbOM	mktemp
File opened for modification	/tmp/bbug.X4Mmwt	bashbug
File opened for modification	/tmp/bbug.itkbOM	cp

/tmp/bashbug
/tmp/bashbug
1⤵
- Writes file to tmp directory
PID:730
- /bin/mktemp
  mktemp /tmp/bbug.XXXXXX
  2⤵
  - Writes file to tmp directory
  PID:731
- /bin/mktemp
  mktemp /tmp/bbug.XXXXXX
  2⤵
  - Writes file to tmp directory
  PID:733
- /usr/bin/whoami
  whoami
  2⤵
  PID:738
- /bin/uname
  uname
  2⤵
  PID:739
- /bin/uname
  uname -a
  2⤵
  PID:740
- /bin/cat
  cat
  2⤵
  PID:741
- /bin/cp
  cp /tmp/bbug.X4Mmwt /tmp/bbug.itkbOM
  2⤵
  - Reads runtime system information
  - Writes file to tmp directory
  PID:742
- /bin/chmod
  chmod u+w /tmp/bbug.X4Mmwt
  2⤵
  PID:743
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:744
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:745
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:746
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:747
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:748
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:749
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:750
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:754
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:759
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:764
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:769
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:775
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:780
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:785
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:791
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:799
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:804
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:806
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:807
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:808
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:809
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:810
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:811
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:812
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:818
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:822
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:826
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:830
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:835
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:839
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:844
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:849
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:854
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:855
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:856
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:857
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:858
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:859
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:860
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:861
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:862
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:863
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:864
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:865
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:866
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:867
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:868
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:869
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:870
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:871
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:872
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:873
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:874
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:875
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:876
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:877
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:878
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:879
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:880
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:881
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:882
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:883
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:884
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:885
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:886
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:887
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:888
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:889
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:890
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:891
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:892
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:893
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:894
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:895
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:896
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:897
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:898
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:899
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:900
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:901
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:902
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:903
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:904
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:905
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:906
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:907
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:908
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:909
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:910
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:911
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:912
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:913
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:914
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:915
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:916
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:917
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:918
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:919
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:920
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:921
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:922
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:923
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:924
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:925
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:926
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:927
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:928
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:929
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:930
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:931
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:932
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:933
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:934
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:935
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:936
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:937
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:938
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:939
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:940
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:941
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:942
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:943
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:944
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:945
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:946
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:947
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:948
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:949
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:950
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:951
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:952
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:953
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:954
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:955
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:956
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:957
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:958
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:959
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:960
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:961
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:962
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:963
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:964
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:965
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:966
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:967
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:968
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:969
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:970
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:971
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:972
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:973
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:974
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:975
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:976
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:977
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:978
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:979
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:980
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:981
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:982
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:983
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:984
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:985
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:986
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:987
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:988
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:989
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:990
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:991
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:992
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:993
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:994
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:995
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:996
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:997
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:998
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:999
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1000
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1001
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1002
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1003
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1004
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1005
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1006
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1007
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1008
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1009
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1010
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1011
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1012
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1013
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1014
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1015
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1016
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1017
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1018
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1019
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1020
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1021
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1022
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1023
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1024
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1025
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1026
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1027
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1028
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1029
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1030
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1031
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1032
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1033
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1034
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1035
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1036
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1037
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1038
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1039
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1040
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1041
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1042
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1043
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1044
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1045
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1046
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1047
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1048
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1049
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1050
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1051
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1052
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1053
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1054
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1055
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1056
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1057
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1058
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1059
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1060
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1061
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1062
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1063
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1064
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1065
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1066
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1067
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1068
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1069
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1070
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1071
- /usr/bin/editor
  editor /tmp/bbug.X4Mmwt
  2⤵
  PID:1072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/bbug.X4Mmwt

Filesize
1KB

MD5
e7bfceaeb88b0cf5a3234f90c0fb760e

SHA1
177cb64cb92c2dd764a75f1fb3b6b69bfe81799d

SHA256
f7fad61405730c09a7be91231e3ab0711a518f724c9243dfeafd54db3ddf7235

SHA512
9ab76c20a1dc891db491faee11fdff0bd111625af31319a633daaf785a1393decc0a2199a4653714d813b01a78c9ab43f1d9488f2448f4361c2f71cce72b8152

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads