Analysis

  • max time kernel
    0s
  • max time network
    131s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    23-12-2024 15:10

General

  • Target

    Opensea Mint/install_modules.sh

  • Size

    3KB

  • MD5

    05a28430f97b6db328b9f748005718cc

  • SHA1

    da28f7c62b43f2cb97e5b6a2e71eb8199bdbae5c

  • SHA256

    d05559d26e8db46d562314ecc55bb8f0f17518f313cf0f2e0cff690f4240aacf

  • SHA512

    d2f64b14e83b668c03af5c4f9495a7b268a7756220b74df82e54fba0edea3f374e353dd69b9c293cd51fbd6c5ecaea86072ce2895f91a09451bf0cbd2019cbdf

Score
3/10

Malware Config

Signatures

  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/Opensea Mint/install_modules.sh
    "/tmp/Opensea Mint/install_modules.sh"
    1⤵
      PID:1497
      • /usr/bin/cpan
        cpan install Authen::Passphrase::LANManager Authen::Passphrase::MySQL323 Authen::Passphrase::NTHash Authen::Passphrase::PHPass Bitcoin::Crypto Bitcoin::Crypto::Base58 Compress::Zlib Convert::EBCDIC Crypt::AuthEnc::GCM Crypt::CBC Crypt::DES Crypt::DES_EDE3 Crypt::Digest::RIPEMD160 Crypt::Digest::Whirlpool Crypt::ECB Crypt::Eksblowfish::Bcrypt Crypt::GCrypt Crypt::Mode::CBC Crypt::Mode::ECB Crypt::MySQL Crypt::OpenSSH::ChachaPoly Crypt::OpenSSL::EC Crypt::OpenSSL::Bignum::CTX Crypt::PBKDF2 Crypt::RC4 Crypt::Rijndael Crypt::ScryptKDF Crypt::Skip32 Crypt::Twofish Crypt::UnixCrypt_XS Data::Types Digest::BLAKE2 Digest::CMAC Digest::CRC Digest::GOST Digest::HMAC Digest::HMAC_MD5 Digest::Keccak Digest::MD4 Digest::MD5 Digest::MurmurHash3 Digest::Perl::MD5 Digest::SHA Digest::SHA1 Digest::SHA3 Digest::SipHash Encode JSON Math::BigInt MIME::Base64 Net::DNS::RR::NSEC3 Net::DNS::SEC POSIX Text::Iconv
        2⤵
        • System Network Configuration Discovery
        • Writes file to tmp directory
        PID:1498
        • /bin/pwd
          /bin/pwd
          3⤵
            PID:1502

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /CPAN/MyConfig.pm

        Filesize

        3B

        MD5

        c648a70f925757e7e982a5a13d47cfe7

        SHA1

        209ca159a62ed05e5c827fa29a196403ff32b3a6

        SHA256

        97a18ae8e28c3a8e24dc4a46fbb47a8106f7ca3e9e7a2015212caa44bf64db43

        SHA512

        dcc9f08cc27e29764e3714d92592950bf444734309fb7db67cee74351b29aa57d049d012c305fda906cad1ba66beb4b64ea786d236f672a09c5dfeef93367060

      • /CPAN/MyConfig.pm

        Filesize

        1KB

        MD5

        a725f4f74324aad88c8e2a3ad9a9c1c7

        SHA1

        329e842a6f1f12240d0ae1637740cda8e9ce60d4

        SHA256

        ab985a4ec530cb7b33c9193f022a85a7c94a548a52898b80b231c817f2565669

        SHA512

        602df4aa1fb09aeb243eb64d58b7ade7c58d7aa443bcacb995cbb55174cc0934b4c375f55abc26e3b914c4711d6bf85d8020e91cd068db0bfd6cf74e7890a149

      • /tmp/cpan_install_s_dw.txt

        Filesize

        37B

        MD5

        33304d1464ade6714b33773676b00f1e

        SHA1

        872e15e4583f8ad2db173000542eb99fb67ce876

        SHA256

        679a36e7920d08c9789cc2f91473d0986356542d2d84406162d8156fd734aedb

        SHA512

        3a7700b3cc0bc309a0c0d9655d37f26c148ed380053ebd174487486ee2bf3dcea13f074d83aacd3daa1c5f90c9d3589e8cd3c7a520c0f172b8071e2777203bb4