7d6160d29bff9631558b89114a6745f06b559d5aa4b2d425be52327022cc970b

Analysis

max time kernel
148s
max time network
129s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
03/09/2024, 20:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DeterminateSystems-nix-installer-661fe1c/nix-installer.sh
Size

17KB
MD5

f571852cb20503f80f0e53dc39b83a5f
SHA1

38f43a84ff18d60ee150b8e9ace66322d19bf9a2
SHA256

d830683013b8dc4ef57401a59e9ca343122ec88f8cb6ef5c12b190cc4ed1fb6e
SHA512

e09dfad915b5e2275fe6171e25af5854327d2a1ae1d54d2a31a417c01b40db7a89dfbfdd0e9bd2783ecef3bfd1c927069565ffff4d39288cf7a658ef1a8ae7d2
SSDEEP

384:b8P4Tnrg7LTtviCKbXds9aVYwjbvyoahZ:bf8fTtAs9aaQbvyoahZ

Score

3^/10

Malware Config

Signatures

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	mkdir

/tmp/DeterminateSystems-nix-installer-661fe1c/nix-installer.sh
/tmp/DeterminateSystems-nix-installer-661fe1c/nix-installer.sh
1⤵
PID:1492
- /bin/uname
  uname -s
  2⤵
  PID:1493
- /bin/uname
  uname -m
  2⤵
  PID:1494
- /bin/uname
  uname -o
  2⤵
  PID:1495
- /bin/grep
  grep -q musl
  2⤵
  PID:1497
- /usr/bin/ldd
  ldd --version
  2⤵
  PID:1496
- /bin/mktemp
  mktemp -d
  2⤵
  PID:1499
- /bin/mkdir
  mkdir -p /tmp/tmp.cmQCXafhyV
  2⤵
  - Reads runtime system information
  PID:1500
- /bin/grep
  grep -q "For all options use the manual or \"--help all\"."
  2⤵
  PID:1502
- /usr/bin/curl
  curl --help
  2⤵
  PID:1501
- /bin/grep
  grep -q -- --retry
  2⤵
  PID:1504
- /usr/bin/curl
  curl --help
  2⤵
  PID:1503
- /bin/grep
  grep -q " OpenSSL/"
  2⤵
  PID:1506
- /usr/bin/curl
  curl -V
  2⤵
  PID:1505
- /bin/grep
  grep -q "For all options use the manual or \"--help all\"."
  2⤵
  PID:1508
- /usr/bin/curl
  curl --help
  2⤵
  PID:1507
- /bin/grep
  grep -q -- --tlsv1.2
  2⤵
  PID:1510
- /usr/bin/curl
  curl --help
  2⤵
  PID:1509
- /bin/grep
  grep -q -- --ciphers
  2⤵
  PID:1512
- /usr/bin/curl
  curl --help
  2⤵
  PID:1511
- /bin/grep
  grep -q -- --proto
  2⤵
  PID:1514
- /usr/bin/curl
  curl --help
  2⤵
  PID:1513
- /usr/bin/curl
  curl --retry 3 --proto "=https" --tlsv1.2 --ciphers TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384 --silent --show-error --fail --location https://install.determinate.systems/nix/nix-installer-x86_64-linux --output /tmp/tmp.cmQCXafhyV/nix-installer
  2⤵
  PID:1516

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads