6730f5a35c9565db033f981866d13dbba63712cc56e9194cfe180f87480654a3 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

linux.sh

windows10-1703-x64

8

linux.sh

debian-12-armhf

Resubmissions

01-07-2024 04:21

240701-ey6evawdma 3

01-07-2024 04:21

240701-eyyd8szakr 1

01-07-2024 04:20

240701-eyhzjswdkf 1

01-07-2024 04:07

240701-epw5tawbmb 8

01-07-2024 04:06

240701-eph8ysygnp 1

01-07-2024 04:06

240701-en9drawbke 3

01-07-2024 04:04

240701-em4rwawbjb 3

01-07-2024 04:03

240701-emtxnswarf 1

01-07-2024 04:03

240701-emkn1awarc 1

Sharing

General

Target

linux.sh
Size

314B
Sample

240701-epw5tawbmb
MD5

c8eb421ad68efe174d0f7ef0c2e5a205
SHA1

0e769cb5d0be585be860140057f34b45ead449e5
SHA256

6730f5a35c9565db033f981866d13dbba63712cc56e9194cfe180f87480654a3
SHA512

ef76961a2a38b9a37112f38f9fe38860dd096b314343ac48acc3096565a55aef50dafc82335e3a1ef1e1505c6a2e1abc124ddfee40874d33f863ac6162afa6b1

Score

8^/10

discovery execution

Static task

static1

Behavioral task

behavioral1

Sample

linux.sh

Resource

win10-20240404-en

discovery execution

windows10-1703-x64

22 signatures

1800 seconds

Behavioral task

behavioral2

Sample

linux.sh

Resource

debian12-armhf-20240221-en

debian-12-armhf

0 signatures

1800 seconds

Malware Config

Targets

- Target
  
  linux.sh
- Size
  
  314B
- MD5
  
  c8eb421ad68efe174d0f7ef0c2e5a205
- SHA1
  
  0e769cb5d0be585be860140057f34b45ead449e5
- SHA256
  
  6730f5a35c9565db033f981866d13dbba63712cc56e9194cfe180f87480654a3
- SHA512
  
  ef76961a2a38b9a37112f38f9fe38860dd096b314343ac48acc3096565a55aef50dafc82335e3a1ef1e1505c6a2e1abc124ddfee40874d33f863ac6162afa6b1
Score

8^/10

discovery execution
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryexecution

behavioral2

© 2018-2024

Terms | Privacy