General

  • Target

    triage.sh

  • Size

    338B

  • Sample

    240714-k358jaxajh

  • MD5

    dead3dccf4825eb422f4dac04f2d8279

  • SHA1

    61285497f6daecf9d6d6128d5ced6f19057f93bd

  • SHA256

    6df4fd30bb503ece3c987d6932d355fa7da868fa28f901b9781e6fd8df1bf4db

  • SHA512

    c4c5fc0a655488ea60b4d5801cab925e180e3d018f88e9238eb9bc794ddc73ec44059fad796cb1655fed44a7c861990d5960eb7a41f8fa4a24390cb27cd1f55b

Score
7/10

Targets

    • Executes dropped EXE

    • Checks mountinfo of local process

      Checks mountinfo of running processes, which indicates whether it is running in a chroot jail.

    • Deletes log files

      Deletes log files on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Write file to user bin folder
