General

  • Target

    linux-build.sh

  • Size

    368B

  • Sample

    240714-shylysxgnd

  • MD5

    c73d807368062769fc42a2e6ea647c9f

  • SHA1

    17be10ed8480d2bcf35d65283a042907b1b6502e

  • SHA256

    9fc906d2c37443a50e1b5d6f777fb35345a09cf0f642b31f63645086ca51417c

  • SHA512

    35feddf5a2349dcfb94a42343ee1ca1102f4d0d688155e3edd0ffddb0cb7ec722a14afdd36ccd8ededcff44cfa097b6829e34311b61acc3b499fc40305f69157

Malware Config

Targets

    • Target

      linux-build.sh

    • Size

      368B

    • MD5

      c73d807368062769fc42a2e6ea647c9f

    • SHA1

      17be10ed8480d2bcf35d65283a042907b1b6502e

    • SHA256

      9fc906d2c37443a50e1b5d6f777fb35345a09cf0f642b31f63645086ca51417c

    • SHA512

      35feddf5a2349dcfb94a42343ee1ca1102f4d0d688155e3edd0ffddb0cb7ec722a14afdd36ccd8ededcff44cfa097b6829e34311b61acc3b499fc40305f69157

    Score
    7/10
    • Executes dropped EXE

    • Reads EFI boot settings

      Reads EFI boot settings from the efivars filesystem, may contain security secrets or sensitive data.

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicates whether the system is a virtual machine.

    • Checks mountinfo of local process

      Checks mountinfo of running processes which indicates whether it is running in a chroot jail.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to user bin folder

MITRE ATT&CK Enterprise v15

Tasks