4018e635ccec554cd7774cde027e3887b98060e46f279b8a5fb3c35934e9b526

Analysis

max time kernel
0s
max time network
0s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
10/12/2024, 14:21 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

easy-diffusion/scripts/on_env_start.sh
Size

1KB
MD5

27211515e2bb499d4dc0cd58e5db6878
SHA1

26d8c5658203d2b3a47f12787f17a21fdd56fa77
SHA256

1359c994ba1f2c8291d77d648cd15a4d3993e79d01c40d811a3cd83b05edc4cc
SHA512

37e3e9c4b3807972b324dbccdf0eedd8093bb1094feb46d5424e442e320739840a9c7eb8be08a93a675e1e37cd1a5061ead01447588fab3ad51547d3a3461a3c

Score

3^/10

discovery

Malware Config

Signatures

Reads runtime system information 9 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp

System Network Configuration Discovery 1 TTPs 9 IoCs

Adversaries may gather information about the network configuration of a system.

discovery

System Network Configuration Discovery

T1016

pid	Process
1569	cp
1572	cp
1573	cp
1575	cp
1576	cp
1570	cp
1571	cp
1574	cp
1562	on_sd_start.sh

/tmp/easy-diffusion/scripts/on_env_start.sh
/tmp/easy-diffusion/scripts/on_env_start.sh
1⤵
PID:1562
- /usr/bin/rm
  rm -rf ui
  2⤵
  PID:1567
- /usr/bin/cp
  cp -Rf sd-ui-files/ui .
  2⤵
  - Reads runtime system information
  PID:1568
- /usr/bin/cp
  cp sd-ui-files/scripts/on_sd_start.sh scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1569
- /usr/bin/cp
  cp sd-ui-files/scripts/bootstrap.sh scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1570
- /usr/bin/cp
  cp sd-ui-files/scripts/check_modules.py scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1571
- /usr/bin/cp
  cp sd-ui-files/scripts/get_config.py scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1572
- /usr/bin/cp
  cp sd-ui-files/scripts/config.yaml.sample scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1573
- /usr/bin/cp
  cp sd-ui-files/scripts/start.sh .
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1574
- /usr/bin/cp
  cp sd-ui-files/scripts/developer_console.sh .
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1575
- /usr/bin/cp
  cp sd-ui-files/scripts/functions.sh scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1576

/tmp/easy-diffusion/scripts/scripts/on_sd_start.sh
./scripts/on_sd_start.sh
1⤵
- System Network Configuration Discovery
PID:1562

Network

No results found

224.0.0.251:5353

73 B
1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.