a165970ae8fe1a3eee019f003b64b09199cfb4bf9828924667836de7e4c26655

Submit
Reports

Overview

overview

Static

static

python-dec...o__.py

windows7-x64

python-dec...o__.py

windows10-2004-x64

python-dec...ons.sh

ubuntu-18.04-amd64

python-dec...ons.sh

debian-9-armhf

python-dec...ons.sh

debian-9-mips

python-dec...ons.sh

debian-9-mipsel

python-dec...ist.sh

ubuntu-18.04-amd64

python-dec...ist.sh

debian-9-armhf

python-dec...ist.sh

debian-9-mips

python-dec...ist.sh

debian-9-mipsel

python-dec...sts.sh

ubuntu-18.04-amd64

python-dec...sts.sh

debian-9-armhf

python-dec...sts.sh

debian-9-mips

python-dec...sts.sh

debian-9-mipsel

python-dec...all.sh

ubuntu-18.04-amd64

python-dec...all.sh

debian-9-armhf

python-dec...all.sh

debian-9-mips

python-dec...all.sh

debian-9-mipsel

python-dec...ter.sh

ubuntu-18.04-amd64

python-dec...ter.sh

debian-9-armhf

python-dec...ter.sh

debian-9-mips

python-dec...ter.sh

debian-9-mipsel

python-dec...sts.sh

ubuntu-18.04-amd64

python-dec...sts.sh

debian-9-armhf

python-dec...sts.sh

debian-9-mips

python-dec...sts.sh

debian-9-mipsel

python-dec...ll.ps1

windows7-x64

python-dec...ll.ps1

windows10-2004-x64

python-dec...nv.cmd

windows7-x64

python-dec...nv.cmd

windows10-2004-x64

python-dec...e-code

ubuntu-18.04-amd64

python-dec...e-code

debian-9-armhf

Analysis

max time kernel
0s
max time network
131s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
12/10/2024, 03:45

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

python-decompile3-master/__pkginfo__.py

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

python-decompile3-master/__pkginfo__.py

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

python-decompile3-master/admin-tools/check-versions.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

python-decompile3-master/admin-tools/check-versions.sh

Resource

debian9-armhf-20240729-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

python-decompile3-master/admin-tools/check-versions.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

python-decompile3-master/admin-tools/check-versions.sh

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

python-decompile3-master/admin-tools/make-dist.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

python-decompile3-master/admin-tools/make-dist.sh

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

python-decompile3-master/admin-tools/make-dist.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

python-decompile3-master/admin-tools/make-dist.sh

Resource

debian9-mipsel-20240729-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

python-decompile3-master/admin-tools/pycdc-runtests.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

python-decompile3-master/admin-tools/pycdc-runtests.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

python-decompile3-master/admin-tools/pycdc-runtests.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

python-decompile3-master/admin-tools/pycdc-runtests.sh

Resource

debian9-mipsel-20240729-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

python-decompile3-master/admin-tools/run-pyenvlib-test-all.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

python-decompile3-master/admin-tools/run-pyenvlib-test-all.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

python-decompile3-master/admin-tools/run-pyenvlib-test-all.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

python-decompile3-master/admin-tools/run-pyenvlib-test-all.sh

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

python-decompile3-master/admin-tools/setup-master.sh

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

python-decompile3-master/admin-tools/setup-master.sh

Resource

debian9-armhf-20240729-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

python-decompile3-master/admin-tools/setup-master.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

python-decompile3-master/admin-tools/setup-master.sh

Resource

debian9-mipsel-20240729-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

python-decompile3-master/admin-tools/uncompyle2-runtests.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

python-decompile3-master/admin-tools/uncompyle2-runtests.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

python-decompile3-master/admin-tools/uncompyle2-runtests.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

python-decompile3-master/admin-tools/uncompyle2-runtests.sh

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

python-decompile3-master/appveyor/install.ps1

Resource

win7-20240708-en

execution

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral28

Sample

python-decompile3-master/appveyor/install.ps1

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral29

Sample

python-decompile3-master/appveyor/run_with_env.cmd

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

python-decompile3-master/appveyor/run_with_env.cmd

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

python-decompile3-master/bin/decompyle-code

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

python-decompile3-master/bin/decompyle-code

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Report Analysis Logs

General

Target

python-decompile3-master/admin-tools/uncompyle2-runtests.sh
Size

776B
MD5

e1ee565988412086ce01fc8438774b29
SHA1

0b07fb4720e4a17f9750cc9d1b57196bbff61988
SHA256

2dc3b6f6d36a28804dae4a4b3b8d1873a8dac96aaae65c327be0e4ef9484a304
SHA512

8800f37fa026516b5f851190acd85043c5b7f42f0dc4a0ca9a80e319d68469fd41595abbb8c6012234634a146fa8066d0261bcc37dbabcf7de256b9e1463b30d

Score

3^/10

Malware Config

Signatures

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/test-2.7/*.py	uncompyle2-runtests.sh

Processes

/tmp/python-decompile3-master/admin-tools/uncompyle2-runtests.sh
/tmp/python-decompile3-master/admin-tools/uncompyle2-runtests.sh
1⤵
- Writes file to tmp directory
PID:1500
- /usr/bin/dirname
  dirname /tmp/python-decompile3-master/admin-tools/uncompyle2-runtests.sh
  2⤵
  PID:1501
- /bin/readlink
  readlink -f /tmp/python-decompile3-master/admin-tools/../test
  2⤵
  PID:1504
- /usr/bin/basename
  basename "*.pyc" .pyc
  2⤵
  PID:1507

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads