Overview

overview

3

Static

static

1

epigrass-2...ut4.py

windows7-x64

3

epigrass-2...ut4.py

windows10-2004-x64

3

epigrass-2...new.py

windows7-x64

3

epigrass-2...new.py

windows10-2004-x64

3

epigrass-2...lay.py

windows7-x64

3

epigrass-2...lay.py

windows10-2004-x64

3

epigrass-2...tor.py

windows7-x64

3

epigrass-2...tor.py

windows10-2004-x64

3

epigrass-2...t__.py

windows7-x64

3

epigrass-2...t__.py

windows10-2004-x64

3

epigrass-2...n__.py

windows7-x64

3

epigrass-2...n__.py

windows10-2004-x64

3

epigrass-2...out.py

windows7-x64

3

epigrass-2...out.py

windows10-2004-x64

3

epigrass-2...nel.py

windows7-x64

3

epigrass-2...nel.py

windows10-2004-x64

3

epigrass-2...ect.py

windows7-x64

3

epigrass-2...ect.py

windows10-2004-x64

3

epigrass-2..._io.py

windows7-x64

3

epigrass-2..._io.py

windows10-2004-x64

3

epigrass-2...aph.py

windows7-x64

3

epigrass-2...aph.py

windows10-2004-x64

3

epigrass-2...des.py

ubuntu-18.04-amd64

3

epigrass-2...des.py

debian-9-armhf

3

epigrass-2...des.py

debian-9-mips

3

epigrass-2...des.py

debian-9-mipsel

3

epigrass-2...tor.py

ubuntu-18.04-amd64

3

epigrass-2...tor.py

debian-9-armhf

3

epigrass-2...tor.py

debian-9-mips

3

epigrass-2...tor.py

debian-9-mipsel

3

epigrass-2...lay.py

ubuntu-18.04-amd64

3

epigrass-2...lay.py

debian-9-armhf

3

Analysis

  • max time kernel
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    15-09-2024 16:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    epigrass-2.0b1/Epigrass/epiRTplay.py

  • Size

    3KB

  • MD5

    93610d7ae96aba37b064e335f62b3a54

  • SHA1

    079e8c7acdaa93d00908dee90e771814002e6cc1

  • SHA256

    5fa1e4d81e302c11a22df4daa5936aa4e40872c6a900149966374d33729d2694

  • SHA512

    91d1c47f3b3e6c087335d92c6b6fe6662adf43952b77d2e0358be5212efefb6b5693f7004e520037e50cbdb01b58eb602ae54f4a71e156e6edf0af279d14d2fa

Score
3/10
execution

Malware Config

Signatures

  • Command and Scripting Interpreter: Python 1 TTPs 4 IoCs

    Execution via Python.

    execution
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/epigrass-2.0b1/Epigrass/epiRTplay.py
    /tmp/epigrass-2.0b1/Epigrass/epiRTplay.py
    1⤵
      PID:655
    • /usr/local/sbin/python
      python /tmp/epigrass-2.0b1/Epigrass/epiRTplay.py
      1⤵
      • Command and Scripting Interpreter: Python
      PID:655
    • /usr/local/bin/python
      python /tmp/epigrass-2.0b1/Epigrass/epiRTplay.py
      1⤵
      • Command and Scripting Interpreter: Python
      PID:655
    • /usr/sbin/python
      python /tmp/epigrass-2.0b1/Epigrass/epiRTplay.py
      1⤵
      • Command and Scripting Interpreter: Python
      PID:655
    • /usr/bin/python
      python /tmp/epigrass-2.0b1/Epigrass/epiRTplay.py
      1⤵
      • Command and Scripting Interpreter: Python
      • Writes file to tmp directory
      PID:655

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads