General
-
Target
yak.sh
-
Size
2KB
-
Sample
241124-aamklszlcn
-
MD5
f50f60f970a5203dad27c480da7b4519
-
SHA1
f50f26900efe72f11c37767b5db9a3916a7c76b4
-
SHA256
ca0bd413a34399accc6f62506ac94f9c7e1fd5c4efa49d1627eed568b1de78bf
-
SHA512
40c118ed8e7b22ba4c439cc3de9a9d69d7cccd9b4d109b00a716ea564379e001304edaffb0f9ca143e87cb0138f566aebea2e998b76c9bb4b653cf7a191e4ddd
Static task
static1
Behavioral task
behavioral1
Sample
yak.sh
Resource
ubuntu1804-amd64-20240508-en
Behavioral task
behavioral2
Sample
yak.sh
Resource
debian9-armhf-20240729-en
Behavioral task
behavioral3
Sample
yak.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
yak.sh
Resource
debian9-mipsel-20240611-en
Malware Config
Extracted
Protocol: ftp- Host:
linux-it.abuser.eu - Port:
21 - Username:
anonymous - Password:
[email protected]
Targets
-
-
Target
yak.sh
-
Size
2KB
-
MD5
f50f60f970a5203dad27c480da7b4519
-
SHA1
f50f26900efe72f11c37767b5db9a3916a7c76b4
-
SHA256
ca0bd413a34399accc6f62506ac94f9c7e1fd5c4efa49d1627eed568b1de78bf
-
SHA512
40c118ed8e7b22ba4c439cc3de9a9d69d7cccd9b4d109b00a716ea564379e001304edaffb0f9ca143e87cb0138f566aebea2e998b76c9bb4b653cf7a191e4ddd
-
XMRig Miner payload
-
Xmrig family
-
Xmrig_linux family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1