Overview

overview

10

Static

static

10

SugarLogic...AWS.sh

ubuntu-18.04-amd64

6

SugarLogic...AWS.sh

debian-9-armhf

6

SugarLogic...AWS.sh

debian-9-mips

6

SugarLogic...AWS.sh

debian-9-mipsel

6

SugarLogic...nge.sh

ubuntu-18.04-amd64

6

SugarLogic...nge.sh

debian-9-armhf

6

SugarLogic...nge.sh

debian-9-mips

6

SugarLogic...nge.sh

debian-9-mipsel

6

SugarLogic...tup.sh

windows7-x64

3

SugarLogic...tup.sh

windows10-2004-x64

3

SugarLogic...bot.sh

windows7-x64

3

SugarLogic...bot.sh

windows10-2004-x64

3

SugarLogic...d_2.sh

ubuntu-18.04-amd64

7

SugarLogic...d_2.sh

debian-9-armhf

7

SugarLogic...d_2.sh

debian-9-mips

7

SugarLogic...d_2.sh

debian-9-mipsel

7

SugarLogic...oit.sh

windows7-x64

3

SugarLogic...oit.sh

windows10-2004-x64

3

SugarLogic...arch64

ubuntu-18.04-amd64

SugarLogic...arch64

debian-9-armhf

SugarLogic...arch64

debian-9-mips

SugarLogic...arch64

debian-9-mipsel

SugarLogic...x86_64

ubuntu-22.04-amd64

10

SugarLogic.../bot_u

ubuntu-22.04-amd64

10

SugarLogic...en2.sh

ubuntu-18.04-amd64

3

SugarLogic...en2.sh

debian-9-armhf

4

SugarLogic...en2.sh

debian-9-mips

3

SugarLogic...en2.sh

debian-9-mipsel

3

SugarLogic...cap.so

ubuntu-22.04-amd64

1

SugarLogic.../mo.sh

ubuntu-18.04-amd64

7

SugarLogic.../mo.sh

debian-9-armhf

7

SugarLogic.../mo.sh

debian-9-mips

10

Analysis

  • max time kernel
    2s
  • max time network
    25s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    29-12-2024 23:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SugarLogic_#teamtnt_by_@r3dbU7z/kuben2.sh

  • Size

    12KB

  • MD5

    9ae176daeba86137a994770ec4b4510c

  • SHA1

    e7ad20f142e4faad7f37fe06ab6a0e0212387796

  • SHA256

    2d85b47cdb87a81d5fbac6000b8ee89daa1d8a3c8fbb5d2bce7a840dd348ff1d

  • SHA512

    3d63ed3ace00c83a033ec148fb273a98ac45f3026b373772363089bedb1a2a308d2e740e902c45dbccf2fef7a62898465c8ff77877394cbae0caecb8955574f2

  • SSDEEP

    384:mNZtdymLEGTSxEKkNNlVfZlmfklqfClvfvLR9NbpzKxtGWsYgeIuX5SCse5UkNXJ:m5N/Q

Score
3/10
discovery

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/SugarLogic_#teamtnt_by_@r3dbU7z/kuben2.sh
    "/tmp/SugarLogic_#teamtnt_by_@r3dbU7z/kuben2.sh"
    1⤵
    • Writes file to tmp directory
    PID:744
    • /usr/bin/clear
      clear
      2⤵
        PID:749
      • /usr/bin/timeout
        timeout -s SIGKILL 30 curl -sLk https://:10250/runningpods/
        2⤵
          PID:753
          • /usr/local/sbin/curl
            curl -sLk https://:10250/runningpods/
            3⤵
              PID:756
            • /usr/local/bin/curl
              curl -sLk https://:10250/runningpods/
              3⤵
                PID:756
              • /usr/sbin/curl
                curl -sLk https://:10250/runningpods/
                3⤵
                  PID:756
                • /usr/bin/curl
                  curl -sLk https://:10250/runningpods/
                  3⤵
                  • Reads runtime system information
                  PID:756
              • /bin/rm
                rm -f /tmp/28079117895333
                2⤵
                  PID:762

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads