Overview

overview

10

Static

static

10

SugarLogic...AWS.sh

ubuntu-18.04-amd64

6

SugarLogic...AWS.sh

debian-9-armhf

6

SugarLogic...AWS.sh

debian-9-mips

6

SugarLogic...AWS.sh

debian-9-mipsel

6

SugarLogic...nge.sh

ubuntu-18.04-amd64

6

SugarLogic...nge.sh

debian-9-armhf

6

SugarLogic...nge.sh

debian-9-mips

6

SugarLogic...nge.sh

debian-9-mipsel

6

SugarLogic...tup.sh

windows7-x64

3

SugarLogic...tup.sh

windows10-2004-x64

3

SugarLogic...bot.sh

windows7-x64

3

SugarLogic...bot.sh

windows10-2004-x64

3

SugarLogic...d_2.sh

ubuntu-18.04-amd64

7

SugarLogic...d_2.sh

debian-9-armhf

7

SugarLogic...d_2.sh

debian-9-mips

7

SugarLogic...d_2.sh

debian-9-mipsel

7

SugarLogic...oit.sh

windows7-x64

3

SugarLogic...oit.sh

windows10-2004-x64

3

SugarLogic...arch64

ubuntu-18.04-amd64

SugarLogic...arch64

debian-9-armhf

SugarLogic...arch64

debian-9-mips

SugarLogic...arch64

debian-9-mipsel

SugarLogic...x86_64

ubuntu-22.04-amd64

10

SugarLogic.../bot_u

ubuntu-22.04-amd64

10

SugarLogic...en2.sh

ubuntu-18.04-amd64

3

SugarLogic...en2.sh

debian-9-armhf

4

SugarLogic...en2.sh

debian-9-mips

3

SugarLogic...en2.sh

debian-9-mipsel

3

SugarLogic...cap.so

ubuntu-22.04-amd64

1

SugarLogic.../mo.sh

ubuntu-18.04-amd64

7

SugarLogic.../mo.sh

debian-9-armhf

7

SugarLogic.../mo.sh

debian-9-mips

10

Analysis

  • max time kernel
    0s
  • max time network
    131s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240729-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    29-12-2024 23:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SugarLogic_#teamtnt_by_@r3dbU7z/kuben2.sh

  • Size

    12KB

  • MD5

    9ae176daeba86137a994770ec4b4510c

  • SHA1

    e7ad20f142e4faad7f37fe06ab6a0e0212387796

  • SHA256

    2d85b47cdb87a81d5fbac6000b8ee89daa1d8a3c8fbb5d2bce7a840dd348ff1d

  • SHA512

    3d63ed3ace00c83a033ec148fb273a98ac45f3026b373772363089bedb1a2a308d2e740e902c45dbccf2fef7a62898465c8ff77877394cbae0caecb8955574f2

  • SSDEEP

    384:mNZtdymLEGTSxEKkNNlVfZlmfklqfClvfvLR9NbpzKxtGWsYgeIuX5SCse5UkNXJ:m5N/Q

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/SugarLogic_#teamtnt_by_@r3dbU7z/kuben2.sh
    "/tmp/SugarLogic_#teamtnt_by_@r3dbU7z/kuben2.sh"
    1⤵
    • Writes file to tmp directory
    PID:1505
    • /usr/bin/clear
      clear
      2⤵
        PID:1506
      • /usr/bin/timeout
        timeout -s SIGKILL 30 curl -sLk https://:10250/runningpods/
        2⤵
          PID:1507
          • /usr/local/sbin/curl
            curl -sLk https://:10250/runningpods/
            3⤵
              PID:1509
            • /usr/local/bin/curl
              curl -sLk https://:10250/runningpods/
              3⤵
                PID:1509
              • /usr/sbin/curl
                curl -sLk https://:10250/runningpods/
                3⤵
                  PID:1509
                • /usr/bin/curl
                  curl -sLk https://:10250/runningpods/
                  3⤵
                    PID:1509
                • /bin/rm
                  rm -f /tmp/126442087823540
                  2⤵
                    PID:1511

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads