Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

phatbot_al...pp.vbs

windows7-x64

1

phatbot_al...pp.vbs

windows10-2004-x64

1

phatbot_al...cpp.js

windows7-x64

3

phatbot_al...cpp.js

windows10-2004-x64

3

phatbot_al...cpp.js

windows7-x64

3

phatbot_al...cpp.js

windows10-2004-x64

3

phatbot_al...n-base

ubuntu-18.04-amd64

3

phatbot_al...n-base

debian-9-armhf

1

phatbot_al...n-base

debian-9-mips

1

phatbot_al...n-base

debian-9-mipsel

1

phatbot_al...pp.vbs

windows7-x64

1

phatbot_al...pp.vbs

windows10-2004-x64

1

phatbot_al...cpp.js

windows7-x64

3

phatbot_al...cpp.js

windows10-2004-x64

3

phatbot_al...cpp.js

windows7-x64

3

phatbot_al...cpp.js

windows10-2004-x64

3

phatbot_al...cpp.js

windows7-x64

3

phatbot_al...cpp.js

windows10-2004-x64

3

phatbot_al...cpp.js

windows7-x64

3

phatbot_al...cpp.js

windows10-2004-x64

3

phatbot_al...3.html

windows7-x64

1

phatbot_al...3.html

windows10-2004-x64

1

phatbot_al...ot.vbs

windows7-x64

1

phatbot_al...ot.vbs

windows10-2004-x64

1

phatbot_al...ing.js

windows7-x64

3

phatbot_al...ing.js

windows10-2004-x64

3

phatbot_al...ead.js

windows7-x64

3

phatbot_al...ead.js

windows10-2004-x64

3

phatbot_al...bug.sh

ubuntu-18.04-amd64

3

phatbot_al...bug.sh

debian-9-armhf

1

phatbot_al...bug.sh

debian-9-mips

1

phatbot_al...bug.sh

debian-9-mipsel

1

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    23/07/2024, 08:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    phatbot_alpha1/ago4/debug.sh

  • Size

    61B

  • MD5

    e69abc2d15e984622252df96cd1d81a1

  • SHA1

    e91aa8294cea293108173ebacacabe6db64d8487

  • SHA256

    20de10ce984a855df552f8da3b93ff1c100f120f4f5ff9c6419d0bae9a71ac38

  • SHA512

    1d1129bd2b23dd0ae9770a52acd8716fa8a1a0694b8891395a12b6ce0e6c548d65e85413f7276bc0cf446bdfb2e186ee5de9c4ca4b61e9cc3bf3b05bd2129c49

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/phatbot_alpha1/ago4/debug.sh
    /tmp/phatbot_alpha1/ago4/debug.sh
    1⤵
      PID:1511
      • /usr/bin/gdb
        gdb --args bin/linux/agobot3 -debug -debuglevel 10
        2⤵
        • Reads runtime system information
        PID:1512
        • /usr/local/sbin/iconv
          iconv -l
          3⤵
            PID:1513
          • /usr/local/bin/iconv
            iconv -l
            3⤵
              PID:1513
            • /usr/sbin/iconv
              iconv -l
              3⤵
                PID:1513
              • /usr/bin/iconv
                iconv -l
                3⤵
                  PID:1513

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /usr/share/gdb/python/gdb/__pycache__/__init__.cpython-36.pyc.139953209360992
              Filesize

              3KB

              MD5

              559d026e25a16bdc4e0f7afc7599233b

              SHA1

              b816a0b3f7d96f96e9b52a2285cc3cf2bf17a634

              SHA256

              984f4f3973a2fca8333de1b24129d8ee2c790f8fc2e06dfb4b0214d59048cbc1

              SHA512

              c5ef18d9f27f715ac1bc74219e1c8005ef2bd5e636eeea2478c67ae68c05c81ecf195fce2a4bdfe5195a73945830d87ef013623478084abbbf631fc7645a768f

              Download Submit

            • /usr/share/gdb/python/gdb/command/__pycache__/__init__.cpython-36.pyc.139953208378712
              Filesize

              128B

              MD5

              3ae2f9ef20949da27d1792bc901f17d1

              SHA1

              06863d36948f12339d3e58a72aa8cbca4979e396

              SHA256

              392dbf8bdba6c3f175670db3162d7899606403f914c0e38119cba50de2fbd054

              SHA512

              426174a9ea5ddf8fcdc301a954bd01aa99a74720143d13c6356580b95c589572c05e71a3a6fcb122c21d12b64ed1dc1f978205ba6b4abbd5adb48c12d449051e

              Download Submit

            • /usr/share/gdb/python/gdb/function/__pycache__/__init__.cpython-36.pyc.139953208378112
              Filesize

              129B

              MD5

              b07019dae32f5256d02ff79ad7827a6b

              SHA1

              1ebe57eaa3e00856cc4441e9315a18216520d43f

              SHA256

              0e931d4b20a1be6c54d9797c8b2a2ee9972d7fe01bb40ca7cb3754e125bfe4eb

              SHA512

              a04f902282fc0dbc1e53fe51c1c4acf98f7ad31203a8cea159db82a8a4399792470657bd1f71e9ca041d84936a2d3e09e37b96599f6f1efdefac7e4aa141b4ef

              Download Submit

            • /usr/share/gdb/python/gdb/printer/__pycache__/__init__.cpython-36.pyc.139953207259784
              Filesize

              128B

              MD5

              5e48c3e87bbba5df685dc5f1e910843f

              SHA1

              9140ab68625761c47f6f45ed2ab47d0bb58f41b1

              SHA256

              1ffb6ac93a9bcb8f0d346976772320bd9c04a1d4cd54db6d0127066f0c4faf21

              SHA512

              2d3afb81b84e390ecf99e35415a5fee921fcd342aa060c2d079a9c71a3b06dc488b001233bdf2210335b6f9bfbc52cc6705bf717106579d28338248715dea9f1

              Download Submit