Analysis

  • max time kernel
    2s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags
    arch:armhf
    image:debian9-armhf-20240611-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    25/08/2024, 01:32

General

  • Target

    Patch.command

  • Size

    1KB

  • MD5

    8b4094ab28f6debdb09572c66f69b055

  • SHA1

    32f5aaf3fe244d8e6475b28a891270a1719b721f

  • SHA256

    4de4fcbe810c8d46e6697825ced36e94260a728fb9ba21114d8fed67ea0dd22d

  • SHA512

    5935ca19345535c3fb31a500735f761afc053f0b9f4807d16915e590d8bbad8ddb210f7295376508338488cfee29fd942e7ace661ea88585d07132de3fced6e3

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 21 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/Patch.command
    /tmp/Patch.command
    1⤵
    PID:644
    • /usr/bin/clear
      clear
      2⤵
      PID:646
    • /usr/bin/clear
      clear
      2⤵
      PID:647
    • /usr/bin/dirname
      dirname /tmp/Patch.command
      2⤵
      PID:653
    • /usr/bin/sudo
      sudo rm -f "/Applications/DaVinci Resolve/DaVinci Resolve.app/Contents/MacOS/Resolve"
      2⤵
      • Reads runtime system information
      PID:657
    • /usr/bin/sudo
      sudo rm -f "/Applications/DaVinci Resolve/DaVinci Resolve.app/Contents/Libraries/Fusion/libfusionsystem.dylib"
      2⤵
      • Reads runtime system information
      PID:663
    • /usr/bin/sudo
      sudo cp -f ./files/Resolve "/Applications/DaVinci Resolve/DaVinci Resolve.app/Contents/MacOS/"
      2⤵
      • Reads runtime system information
      PID:668
    • /usr/bin/sudo
      sudo chmod +x "/Applications/DaVinci Resolve/DaVinci Resolve.app/Contents/MacOS/Resolve"
      2⤵
      • Reads runtime system information
      PID:673
    • /usr/bin/sudo
      sudo cp -f ./files/libfusionsystem.dylib "/Applications/DaVinci Resolve/DaVinci Resolve.app/Contents/Libraries/Fusion/"
      2⤵
      • Reads runtime system information
      PID:675
    • /usr/bin/sudo
      sudo rm -f "/Library/Application Support/Blackmagic Design/DaVinci Resolve/.license/blackmagic.lic"
      2⤵
      • Reads runtime system information
      PID:678
    • /usr/bin/sudo
      sudo cp -f ./files/blackmagic.lic "/Library/Application Support/Blackmagic Design/DaVinci Resolve/.license/"
      2⤵
      • Reads runtime system information
      PID:680
    • /usr/bin/clear
      clear
      2⤵
      PID:683

Network

MITRE ATT&CK Matrix