General
-
Target
a.sh
-
Size
6KB
-
Sample
240909-vjrada1gmd
-
MD5
e97dee2d99e3bd5150abdfb488aafeb8
-
SHA1
8a9b089a194b383b2202457afa1e0b3ec8fc4d3f
-
SHA256
f5462666cfd610336545233aba5f6014699d4b07829c856d0b99956075f7331b
-
SHA512
1d572bc3c7642ea007d441865c879ce4037848210a5194ea1bf262af22e9b84e674c067138531672758e2fbf7a53e82820502736827366d4688180c1f6bcfa25
-
SSDEEP
192:mRoo5wsIGV7DDf6jlpTWg3vMGQit/3PCd/8PY3+R3YB:mao5wgV7DDf6jlpTWg3vMGQit/3PCd//
Static task
static1
Behavioral task
behavioral1
Sample
a.sh
Resource
ubuntu1804-amd64-20240611-en
Malware Config
Targets
-
-
Target
a.sh
-
Size
6KB
-
MD5
e97dee2d99e3bd5150abdfb488aafeb8
-
SHA1
8a9b089a194b383b2202457afa1e0b3ec8fc4d3f
-
SHA256
f5462666cfd610336545233aba5f6014699d4b07829c856d0b99956075f7331b
-
SHA512
1d572bc3c7642ea007d441865c879ce4037848210a5194ea1bf262af22e9b84e674c067138531672758e2fbf7a53e82820502736827366d4688180c1f6bcfa25
-
SSDEEP
192:mRoo5wsIGV7DDf6jlpTWg3vMGQit/3PCd/8PY3+R3YB:mao5wgV7DDf6jlpTWg3vMGQit/3PCd//
-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Flushes firewall rules
Flushes/ disables firewall rules inside the Linux kernel.
-
Abuse Elevation Control Mechanism: Sudo and Sudo Caching
Abuse sudo or cached sudo credentials to execute code.
-
Disables AppArmor
Disables AppArmor security module.
-
Disables SELinux
Disables SELinux security module.
-
Enumerates running processes
Discovers information about currently running processes on the system
-