4018e635ccec554cd7774cde027e3887b98060e46f279b8a5fb3c35934e9b526

Analysis

max time kernel
0s
max time network
0s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
10-12-2024 14:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

easy-diffusion/scripts/on_env_start.sh
Size

1KB
MD5

27211515e2bb499d4dc0cd58e5db6878
SHA1

26d8c5658203d2b3a47f12787f17a21fdd56fa77
SHA256

1359c994ba1f2c8291d77d648cd15a4d3993e79d01c40d811a3cd83b05edc4cc
SHA512

37e3e9c4b3807972b324dbccdf0eedd8093bb1094feb46d5424e442e320739840a9c7eb8be08a93a675e1e37cd1a5061ead01447588fab3ad51547d3a3461a3c

Score

3^/10

discovery

Malware Config

Signatures

Reads runtime system information 9 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp

System Network Configuration Discovery 1 TTPs 9 IoCs

Adversaries may gather information about the network configuration of a system.

discovery

System Network Configuration Discovery

T1016

pid	Process
1569	cp
1572	cp
1573	cp
1575	cp
1576	cp
1570	cp
1571	cp
1574	cp
1562	on_sd_start.sh

/tmp/easy-diffusion/scripts/on_env_start.sh
/tmp/easy-diffusion/scripts/on_env_start.sh
1⤵
PID:1562
- /usr/bin/rm
  rm -rf ui
  2⤵
  PID:1567
- /usr/bin/cp
  cp -Rf sd-ui-files/ui .
  2⤵
  - Reads runtime system information
  PID:1568
- /usr/bin/cp
  cp sd-ui-files/scripts/on_sd_start.sh scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1569
- /usr/bin/cp
  cp sd-ui-files/scripts/bootstrap.sh scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1570
- /usr/bin/cp
  cp sd-ui-files/scripts/check_modules.py scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1571
- /usr/bin/cp
  cp sd-ui-files/scripts/get_config.py scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1572
- /usr/bin/cp
  cp sd-ui-files/scripts/config.yaml.sample scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1573
- /usr/bin/cp
  cp sd-ui-files/scripts/start.sh .
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1574
- /usr/bin/cp
  cp sd-ui-files/scripts/developer_console.sh .
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1575
- /usr/bin/cp
  cp sd-ui-files/scripts/functions.sh scripts/
  2⤵
  - Reads runtime system information
  - System Network Configuration Discovery
  PID:1576

/tmp/easy-diffusion/scripts/scripts/on_sd_start.sh
./scripts/on_sd_start.sh
1⤵
- System Network Configuration Discovery
PID:1562

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads