Overview

overview

8

Static

static

1

OpenFeign-...DME.js

windows7-x64

3

OpenFeign-...DME.js

windows10-2004-x64

3

OpenFeign-...ple.js

windows7-x64

3

OpenFeign-...ple.js

windows10-2004-x64

3

OpenFeign-...est.js

windows7-x64

3

OpenFeign-...est.js

windows10-2004-x64

3

OpenFeign-...3/mvnw

ubuntu-18.04-amd64

1

OpenFeign-...3/mvnw

debian-9-armhf

1

OpenFeign-...3/mvnw

debian-9-mips

1

OpenFeign-...3/mvnw

debian-9-mipsel

1

OpenFeign-...nw.cmd

windows7-x64

3

OpenFeign-...nw.cmd

windows10-2004-x64

8

OpenFeign-...ges.sh

ubuntu-18.04-amd64

1

OpenFeign-...ges.sh

debian-9-armhf

1

OpenFeign-...ges.sh

debian-9-mips

1

OpenFeign-...ges.sh

debian-9-mipsel

1

OpenFeign-...ase.sh

ubuntu-18.04-amd64

3

OpenFeign-...ase.sh

debian-9-armhf

3

OpenFeign-...ase.sh

debian-9-mips

3

OpenFeign-...ase.sh

debian-9-mipsel

3

OpenFeign-...DME.js

windows7-x64

3

OpenFeign-...DME.js

windows10-2004-x64

3

OpenFeign-...DME.js

windows7-x64

3

OpenFeign-...DME.js

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • max time network
    128s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    02/09/2024, 15:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OpenFeign-feign-5a43a23/scripts/release.sh

  • Size

    1KB

  • MD5

    eadee62aea237484fe590a8c5ed12268

  • SHA1

    6b7fec93336c6c11c0ffc36685380b6c9067deb4

  • SHA256

    13ab1772871b3b12830e9313f2879bbae2c13d0e46e4e9342166943b9a2b0c75

  • SHA512

    ce6480c3b2d86e23799ed3f6168ab809ca3aa69d1543a741c2904d4acb76753f72e014b3eace98cd3d1bb7a4896f21ab71f6714066783c4a534acd3f04763222

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
    /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
    1⤵
      PID:1513
    • /usr/local/sbin/bash
      bash /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
      1⤵
        PID:1513
      • /usr/local/bin/bash
        bash /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
        1⤵
          PID:1513
        • /usr/sbin/bash
          bash /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
          1⤵
            PID:1513
          • /usr/bin/bash
            bash /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
            1⤵
              PID:1513
            • /sbin/bash
              bash /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
              1⤵
                PID:1513
              • /bin/bash
                bash /tmp/OpenFeign-feign-5a43a23/scripts/release.sh
                1⤵
                  PID:1513
                  • /bin/sed
                    sed -n "/^[0-9]/p"
                    2⤵
                    • Reads runtime system information
                    PID:1516
                  • /tmp/OpenFeign-feign-5a43a23/scripts/mvnw
                    ./mvnw -B help:evaluate -N "-Dexpression=project.version"
                    2⤵
                      PID:1515
                    • /usr/bin/cut
                      cut -d- -f 1
                      2⤵
                        PID:1519
                      • /usr/bin/awk
                        awk -F. -v "OFS=." "NF==1{print ++\$NF}; NF>1{if(length(\$NF+1)>length(\$NF))\$(NF-1)++; \$NF=sprintf(\"%0*d\", length(\$NF), (\$NF+1)%(10^length(\$NF))); print}"
                        2⤵
                        • Reads runtime system information
                        PID:1523
                      • /tmp/OpenFeign-feign-5a43a23/scripts/mvnw
                        ./mvnw -B versions:set license:format scm:checkin -DremoveSnapshot "-DgenerateBackupPoms=false" "-Dmessage=prepare release " "-DpushChanges=false"
                        2⤵
                          PID:1524
                        • /tmp/OpenFeign-feign-5a43a23/scripts/mvnw
                          ./mvnw scm:tag
                          2⤵
                            PID:1525
                          • /tmp/OpenFeign-feign-5a43a23/scripts/mvnw
                            ./mvnw -B versions:set scm:checkin "-DnewVersion=-SNAPSHOT" "-DgenerateBackupPoms=false" "-Dmessage=[ci skip] updating versions to next development iteration -SNAPSHOT"
                            2⤵
                              PID:1526

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads