0ea689b8e3ae9659b0779dde8f313e5f26aed139d448244be8558baf1d372747 | Triage

Analysis

max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
14/07/2024, 13:45

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

triage-script.sh
Size

374B
MD5

d5ddd9f908abed74c331bd35db6d474c
SHA1

cad94573973dc064905c7f563d07255b46cf66ab
SHA256

0ea689b8e3ae9659b0779dde8f313e5f26aed139d448244be8558baf1d372747
SHA512

ca2c965100cbd4bfa1b1c5423de3bc5b23ba52d19715413f3b0f8587f976af9e8e8454f44d43743388843ab77e42ab5dd4bb82315dacbb63322833f2050fdbe8

Score

3^/10

Malware Config

Signatures

Reads runtime system information 6 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	sudo
File opened for reading	/proc/sys/kernel/ngroups_max	sudo
File opened for reading	/proc/self/stat	sudo
File opened for reading	/proc/filesystems	sudo
File opened for reading	/proc/sys/kernel/ngroups_max	sudo
File opened for reading	/proc/self/stat	sudo

/tmp/triage-script.sh
/tmp/triage-script.sh
1⤵
PID:661
- /usr/bin/sudo
  sudo apt update -y
  2⤵
  - Reads runtime system information
  PID:662
- /usr/bin/sudo
  sudo apt install libcurl4-openssl-dev libssl-dev libomp-dev libjansson-dev automake autotools-dev build-essential git -y
  2⤵
  - Reads runtime system information
  PID:670

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads