General
-
Target
ohshit.sh
-
Size
2KB
-
Sample
241127-2jslrstnav
-
MD5
7814986a56e9eec13ac3ae6f544d1fc3
-
SHA1
0bb0cdecbc68f66b941d22c4865f2d1b2d0aacb5
-
SHA256
0f3f80593ae34b1d23fd48e0b8455f7737f60c7346f289b18adb56d8d487171d
-
SHA512
a388fbb1740697ea84e827eef76a45ac8d90ed172f7afe57d3ac722634efead71347d8e45cb053403899d2bb70ddc43e0e2a2c6e470f8fcfd453cef9333aad51
Static task
static1
Behavioral task
behavioral1
Sample
ohshit.sh
Resource
ubuntu1804-amd64-20240729-en
Behavioral task
behavioral2
Sample
ohshit.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
ohshit.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
ohshit.sh
Resource
debian9-mipsel-20240418-en
Malware Config
Targets
-
-
Target
ohshit.sh
-
Score
8/10
-
Contacts a large (594) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1
Linux and Mac File and Directory Permissions Modification
1
Virtualization/Sandbox Evasion
1
System Checks
1