37670f71a35213217cab145aa7e262e0e46e411007b2d68f26e74c3d44693e95

Resubmissions

02-01-2025 21:21

250102-z7fk1ayqer 9

23-12-2024 15:10

241223-skg2zssrgn 10

Analysis

max time kernel
4s
platform
debian-9_armhf
resource
debian9-armhf-20240418-en
resource tags

arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
23-12-2024 15:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Opensea Mint/install_modules.sh
Size

3KB
MD5

05a28430f97b6db328b9f748005718cc
SHA1

da28f7c62b43f2cb97e5b6a2e71eb8199bdbae5c
SHA256

d05559d26e8db46d562314ecc55bb8f0f17518f313cf0f2e0cff690f4240aacf
SHA512

d2f64b14e83b668c03af5c4f9495a7b268a7756220b74df82e54fba0edea3f374e353dd69b9c293cd51fbd6c5ecaea86072ce2895f91a09451bf0cbd2019cbdf

Score

3^/10

discovery

Malware Config

Signatures

System Network Configuration Discovery 1 TTPs 1 IoCs

Adversaries may gather information about the network configuration of a system.

discovery

System Network Configuration Discovery

T1016

pid	Process
651	cpan

Writes file to tmp directory 2 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/cpan_install_RBDO.txt	cpan
File opened for modification	/tmp/cpan_install_aujd.txt	cpan

/tmp/Opensea Mint/install_modules.sh
"/tmp/Opensea Mint/install_modules.sh"
1⤵
PID:649
- /usr/bin/cpan
  cpan install Authen::Passphrase::LANManager Authen::Passphrase::MySQL323 Authen::Passphrase::NTHash Authen::Passphrase::PHPass Bitcoin::Crypto Bitcoin::Crypto::Base58 Compress::Zlib Convert::EBCDIC Crypt::AuthEnc::GCM Crypt::CBC Crypt::DES Crypt::DES_EDE3 Crypt::Digest::RIPEMD160 Crypt::Digest::Whirlpool Crypt::ECB Crypt::Eksblowfish::Bcrypt Crypt::GCrypt Crypt::Mode::CBC Crypt::Mode::ECB Crypt::MySQL Crypt::OpenSSH::ChachaPoly Crypt::OpenSSL::EC Crypt::OpenSSL::Bignum::CTX Crypt::PBKDF2 Crypt::RC4 Crypt::Rijndael Crypt::ScryptKDF Crypt::Skip32 Crypt::Twofish Crypt::UnixCrypt_XS Data::Types Digest::BLAKE2 Digest::CMAC Digest::CRC Digest::GOST Digest::HMAC Digest::HMAC_MD5 Digest::Keccak Digest::MD4 Digest::MD5 Digest::MurmurHash3 Digest::Perl::MD5 Digest::SHA Digest::SHA1 Digest::SHA3 Digest::SipHash Encode JSON Math::BigInt MIME::Base64 Net::DNS::RR::NSEC3 Net::DNS::SEC POSIX Text::Iconv
  2⤵
  - System Network Configuration Discovery
  - Writes file to tmp directory
  PID:651
- - /bin/pwd
    /bin/pwd
    3⤵
    PID:675

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/CPAN/MyConfig.pm

Filesize
3B

MD5
c648a70f925757e7e982a5a13d47cfe7

SHA1
209ca159a62ed05e5c827fa29a196403ff32b3a6

SHA256
97a18ae8e28c3a8e24dc4a46fbb47a8106f7ca3e9e7a2015212caa44bf64db43

SHA512
dcc9f08cc27e29764e3714d92592950bf444734309fb7db67cee74351b29aa57d049d012c305fda906cad1ba66beb4b64ea786d236f672a09c5dfeef93367060

Download Submit
/CPAN/MyConfig.pm

Filesize
1KB

MD5
96a7bf3ef6bbfcfa7c3b5927bc4461a6

SHA1
58ab269b7d6ccf865bd853e33d6bcddd4e0b5bb7

SHA256
78cdb0898709cd5836a8b9a676a21029666ad867556090eece698614fb493eae

SHA512
88bc75a01356f93dedfe49b321d90ef0ef9eb5d6403e4cf10bd796672e40addd22ba971ef1d0cc84fdaf29962070f718b6beb9d1e6f2846aba06dab9b2250ba9

Download Submit
/tmp/cpan_install_RBDO.txt

Filesize
37B

MD5
33304d1464ade6714b33773676b00f1e

SHA1
872e15e4583f8ad2db173000542eb99fb67ce876

SHA256
679a36e7920d08c9789cc2f91473d0986356542d2d84406162d8156fd734aedb

SHA512
3a7700b3cc0bc309a0c0d9655d37f26c148ed380053ebd174487486ee2bf3dcea13f074d83aacd3daa1c5f90c9d3589e8cd3c7a520c0f172b8071e2777203bb4

Download Submit