ef4e465bad5cc4eb2bf2284ec489e8f702483e34f4dae9fdd8314c455b6e9ca8 | Triage

Analysis

max time kernel
0s
max time network
133s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
19/11/2024, 20:40 UTC

Sharing

Report Analysis Logs

General

Target

bashbunny-payloads-master/payloads/extensions/ble_exfil.sh
Size

473B
MD5

d32c4faa4306649fe369282bbf72a7f9
SHA1

e272f42ab5487159e829e075a86dc4e5938208d3
SHA256

88598ceb335d16f8d8152ad327a075ef69994e69e1477153e01aab2150405ef8
SHA512

e0f49421b85d9532a61495de88cefe73e4452521eddcd3e2acc80e8dd40c596362d299f1b19ca5d7da0ee2dbd271d4b96dfc2f86f872a790eea75f7e8b02a1e3

Score

1^/10

Malware Config

Signatures

/tmp/bashbunny-payloads-master/payloads/extensions/ble_exfil.sh
/tmp/bashbunny-payloads-master/payloads/extensions/ble_exfil.sh
1⤵
PID:1488

Network

DNS

1527653184.rsc.cdn77.org

Remote address:

1.1.1.1:53

Request

1527653184.rsc.cdn77.org

IN A

Response

1527653184.rsc.cdn77.org

IN A

89.187.167.39

1527653184.rsc.cdn77.org

IN A

84.17.50.8
DNS

1527653184.rsc.cdn77.org

Remote address:

1.1.1.1:53

Request

1527653184.rsc.cdn77.org

IN AAAA

Response

1527653184.rsc.cdn77.org

IN AAAA

2a02:6ea0:ca00::8

1527653184.rsc.cdn77.org

IN AAAA

2a02:6ea0:ca00::7

151.101.1.91:443

tls

127 B
40 B
2
1
185.125.188.62:443

tls

135 B
2
185.125.188.62:443

tls

135 B
2
151.101.1.91:443

extensions.gnome.org

tls

5.0kB
221.9kB
86
173
195.181.164.15:443

tls

8.4kB
102
89.187.167.39:443

odrs.gnome.org

tls

15.2kB
1.8MB
280
1274

224.0.0.251:5353

146 B
2
1.1.1.1:53

1527653184.rsc.cdn77.org

dns

81 B
113 B
1
1

DNS Request

1527653184.rsc.cdn77.org

DNS Response

89.187.167.39

84.17.50.8
1.1.1.1:53

1527653184.rsc.cdn77.org

dns

81 B
137 B
1
1

DNS Request

1527653184.rsc.cdn77.org

DNS Response

2a02:6ea0:ca00::8

2a02:6ea0:ca00::7

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads