Overview

overview

10

Static

static

10

bashbunny-...ter.sh

ubuntu-18.04-amd64

3

bashbunny-...ter.sh

debian-9-armhf

3

bashbunny-...ter.sh

debian-9-mips

3

bashbunny-...ter.sh

debian-9-mipsel

3

bashbunny-...ig.txt

ubuntu-18.04-amd64

bashbunny-...ig.txt

debian-9-armhf

1

bashbunny-...ig.txt

debian-9-mips

1

bashbunny-...ig.txt

debian-9-mipsel

1

bashbunny-...fil.sh

ubuntu-18.04-amd64

1

bashbunny-...fil.sh

debian-9-armhf

1

bashbunny-...fil.sh

debian-9-mips

1

bashbunny-...fil.sh

debian-9-mipsel

1

bashbunny-...ber.sh

ubuntu-18.04-amd64

1

bashbunny-...ber.sh

debian-9-armhf

1

bashbunny-...ber.sh

debian-9-mips

1

bashbunny-...ber.sh

debian-9-mipsel

1

bashbunny-...bug.sh

ubuntu-18.04-amd64

1

bashbunny-...bug.sh

debian-9-armhf

1

bashbunny-...bug.sh

debian-9-mips

1

bashbunny-...bug.sh

debian-9-mipsel

1

bashbunny-...ord.sh

ubuntu-18.04-amd64

1

bashbunny-...ord.sh

debian-9-armhf

1

bashbunny-...ord.sh

debian-9-mips

1

bashbunny-...ord.sh

debian-9-mipsel

1

bashbunny-...rop.sh

ubuntu-18.04-amd64

1

bashbunny-...rop.sh

debian-9-armhf

1

bashbunny-...rop.sh

debian-9-mips

1

bashbunny-...rop.sh

debian-9-mipsel

1

bashbunny-...ang.sh

ubuntu-18.04-amd64

1

bashbunny-...ang.sh

debian-9-armhf

1

bashbunny-...ang.sh

debian-9-mips

1

bashbunny-...ang.sh

debian-9-mipsel

1

Analysis

  • max time kernel
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19-11-2024 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bashbunny-payloads-master/bunny-connecter.sh

  • Size

    14KB

  • MD5

    28995267dbb01c6947e25c7e139548d7

  • SHA1

    a1883a4ed3eaae232ad04ae5e27d4f2e9dcac9e3

  • SHA256

    fb299f0960658ed49f3ed93abf8ec76a6b589d802a7a46556f8923743e9b70f4

  • SHA512

    db108246caa37ba17e8e12c0568eefcc71108381d5245de9c258b55d8c6d02cb1f2fee325631c25e47dc9bca0ef704b44d66557232671f8ad9ab5e2841e10a5c

  • SSDEEP

    192:zEnSRsQcByYqxPY743NViFxdY86QFla/2Y8ZthskITJWt79zl:GS3NV6YUFcLmLhb

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/bashbunny-payloads-master/bunny-connecter.sh
    /tmp/bashbunny-payloads-master/bunny-connecter.sh
    1⤵
    • Writes file to tmp directory
    PID:754
    • /usr/bin/dirname
      dirname /tmp/bashbunny-payloads-master/bunny-connecter.sh
      2⤵
        PID:755
      • /usr/bin/tput
        tput setaf 3
        2⤵
          PID:756
        • /usr/bin/tput
          tput sgr0
          2⤵
            PID:758
          • /usr/bin/tput
            tput bold
            2⤵
              PID:762
            • /usr/bin/tput
              tput sgr0
              2⤵
                PID:763
              • /sbin/iptables
                iptables -D FORWARD -i wlo1 -o enx001122334455 -s 172.16.64.0/24 -m state --state NEW -j ACCEPT
                2⤵
                  PID:764
                • /sbin/iptables
                  iptables -D FORWARD -m state --state "ESTABLISHED,RELATED" -j ACCEPT
                  2⤵
                    PID:770
                  • /sbin/iptables
                    iptables -D POSTROUTING -t nat -s 172.16.64.1 -j MASQUERADE
                    2⤵
                      PID:771
                    • /usr/bin/tput
                      tput bold
                      2⤵
                        PID:778
                      • /usr/bin/tput
                        tput sgr0
                        2⤵
                          PID:779
                        • /usr/bin/tput
                          tput bold
                          2⤵
                            PID:780
                          • /usr/bin/tput
                            tput sgr0
                            2⤵
                              PID:781
                            • /usr/bin/tput
                              tput bold
                              2⤵
                                PID:782
                              • /usr/bin/tput
                                tput sgr0
                                2⤵
                                  PID:783
                                • /usr/bin/tput
                                  tput bold
                                  2⤵
                                    PID:784
                                  • /usr/bin/tput
                                    tput sgr0
                                    2⤵
                                      PID:785
                                    • /usr/bin/tput
                                      tput bold
                                      2⤵
                                        PID:786
                                      • /usr/bin/tput
                                        tput sgr0
                                        2⤵
                                          PID:787

                                      Network

                                      MITRE ATT&CK Matrix

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads

                                      • /tmp/bashbunny-payloads-master/bunny_connecter_config.txt
                                        Filesize

                                        26B

                                        MD5

                                        d583af7043f5514dede8985a9fc718d5

                                        SHA1

                                        6b7c35d310ffa0a70c54854b09ee0fddffd6bae4

                                        SHA256

                                        fbcbdb045ecf7e1d6441d0b0878925f021ae4700251dcf539d061cb63c8b2273

                                        SHA512

                                        54e616ddf4ad4ce1355a9267cf7973875ff5bd14db6b6e0c56940df629944e8a82d95554b105e1cc322dcf95a31965cf061393cd92eff5a64ea8efb4ca9da418

                                        Download Submit

                                      • /tmp/bashbunny-payloads-master/bunny_connecter_config.txt
                                        Filesize

                                        51B

                                        MD5

                                        4bdde07ca6166d10e011511c322163e2

                                        SHA1

                                        9877b13c55cb8c97437e5a48835f442c1a0cdf0c

                                        SHA256

                                        57e8bb9e5eeee4d6046d6e7ac50a9e01e156cb1fa9a31429a15cc819f928b5ec

                                        SHA512

                                        3bb8405d641b4235b67f43a5e9c9b12abdf4fe9dc6ac3e7bd108010ce39e85b36313c2eda448b41d8c9f823efcb1d683d4da227fe5b7073a32bd1778aa87c32b

                                        Download Submit

                                      • /tmp/bashbunny-payloads-master/bunny_connecter_config.txt
                                        Filesize

                                        77B

                                        MD5

                                        12f27f729e20ed7da9580e8ed43be04b

                                        SHA1

                                        8e2fd88ab0f57d438a48a2d997df56da69cd1bf6

                                        SHA256

                                        85b1b0ea2178b7c011c7ab463bf820e3669dd389a7fd28d36566cebba8ad515c

                                        SHA512

                                        363c54ca39c07f7fecb4d32eefb71ec45bfba8bce64d26815a4a1d67395c0aa94998a516832f839ba491cd2714ba8ca1a15304e5fe5f057dbcbc2182335cdf1a

                                        Download Submit

                                      • /tmp/bashbunny-payloads-master/bunny_connecter_config.txt
                                        Filesize

                                        92B

                                        MD5

                                        8e94ee863530f8ae845ddf636c361648

                                        SHA1

                                        3f53738c9212be55e7fb5ac108b73e85fcbe5abb

                                        SHA256

                                        b1011cb29b51ad16ab21b2305520065e777788bcc7712ffc9a1439204fa4c959

                                        SHA512

                                        5d10c7747db698b8f6a19468f92c81ae0d35ca45bde40ff91f2aae254af03dd6a3195892d32b7a9f29a863338b484328602332ef1c243a4fe9b1f71cd810fe15

                                        Download Submit

                                      • /tmp/bashbunny-payloads-master/bunny_connecter_config.txt
                                        Filesize

                                        113B

                                        MD5

                                        12fa39c51ca93202c28ebf1f1c2aedbd

                                        SHA1

                                        33ba9fd3534cca534ed4956e7eb78fc1ec5185c1

                                        SHA256

                                        7591ca3560b903c83ee0cac9e98d334af2d24c6f326d74d1c255f5e1140a84c2

                                        SHA512

                                        2794ea756b41157864dfc21b51254989834f84662509d9976c491c4a3b6085e9cc6ce69ef21bc0e9f40f58c9ad0e589a0894b6a1db553afbf319bf7da6a756c6

                                        Download Submit

                                      • /tmp/bashbunny-payloads-master/bunny_connecter_config.txt
                                        Filesize

                                        173B

                                        MD5

                                        1142754639e4b1f8e28381f9b3a8e465

                                        SHA1

                                        7c2068cf4acfb94d3d702749e88523c235816cf9

                                        SHA256

                                        644051f3272aa83cba1f8d57f260b76142673b08f2a448c492b65c9494dbbf35

                                        SHA512

                                        ff57a8707a8bb1b38d7ebe641eb2f50f50a836e2d546c8fc23004543c02894916bf010f41a58709cb75097e4979e86dbc9a5f3c18142e242174e7fe4345b33b6

                                        Download Submit