IOC Report

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Mozi.m.3 | ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, stripped | initial sample | malicious |
| /etc/init.d/S95baby.sh | POSIX shell script, ASCII text executable | dropped | malicious |
| /etc/init.d/console-setup.sh | ASCII text | dropped | malicious |
| /etc/init.d/hwclock.sh | ASCII text | dropped | malicious |
| /etc/init.d/keyboard-setup.sh | ASCII text | dropped | malicious |
| /etc/profile.d/01-locale-fix.sh | ASCII text | dropped | malicious |
| /etc/profile.d/Z97-byobu.sh | ASCII text | dropped | malicious |
| /etc/profile.d/Z99-cloud-locale-test.sh | ASCII text | dropped | malicious |
| /etc/profile.d/Z99-cloudinit-warnings.sh | ASCII text | dropped | malicious |
| /etc/profile.d/apps-bin-path.sh | ASCII text | dropped | malicious |
| /etc/profile.d/bash_completion.sh | ASCII text | dropped | malicious |
| /etc/profile.d/cedilla-portuguese.sh | ASCII text | dropped | malicious |
| /etc/profile.d/gawk.sh | ASCII text | dropped | malicious |
| /etc/profile.d/im-config_wayland.sh | ASCII text | dropped | malicious |
| /etc/profile.d/vte-2.91.sh | ASCII text | dropped | malicious |
| /etc/profile.d/xdg_dirs_desktop_session.sh | ASCII text | dropped | malicious |
| /etc/rcS.d/S95baby.sh | POSIX shell script, ASCII text executable | dropped | malicious |
| /usr/bin/gettext.sh | ASCII text | dropped | malicious |
| /usr/bin/rescan-scsi-bus.sh | ASCII text | dropped | malicious |
| /usr/networks | ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, stripped | dropped | malicious |
| /boot/grub/i386-pc/modinfo.sh | ASCII text | dropped | |
| /etc/acpi/asus-keyboard-backlight.sh | ASCII text | dropped | |
| /etc/acpi/asus-wireless.sh | ASCII text | dropped | |
| /etc/acpi/ibm-wireless.sh | ASCII text | dropped | |
| /etc/acpi/tosh-wireless.sh | ASCII text | dropped | |
| /etc/acpi/undock.sh | ASCII text | dropped | |
| /etc/console-setup/cached_setup_font.sh | ASCII text | dropped | |
| /etc/console-setup/cached_setup_keyboard.sh | ASCII text | dropped | |
| /etc/console-setup/cached_setup_terminal.sh | ASCII text | dropped | |
| /etc/gdm3/config-error-dialog.sh | ASCII text | dropped | |
| /etc/wpa_supplicant/action_wpa.sh | ASCII text | dropped | |
| /etc/wpa_supplicant/functions.sh | ASCII text | dropped | |
| /etc/wpa_supplicant/ifupdown.sh | ASCII text | dropped | |
| /tmp/.config | ASCII text | dropped | |
| /usr/share/PackageKit/helpers/test_spawn/search-name.sh | ASCII text | dropped | |
| /usr/share/alsa-base/alsa-info.sh | ASCII text, with very long lines | dropped | |
| /usr/share/alsa/utils.sh | ASCII text | dropped | |
| /usr/share/brltty/initramfs/brltty.sh | ASCII text | dropped | |
| /usr/share/cups/braille/cups-braille.sh | ASCII text, with CR, LF line terminators | dropped | |
| /usr/share/cups/braille/index.sh | ASCII text | dropped | |
| /usr/share/cups/braille/indexv3.sh | ASCII text | dropped | |
| /usr/share/cups/braille/indexv4.sh | ASCII text | dropped | |
| /usr/share/debconf/confmodule.sh | ASCII text | dropped | |
| /usr/share/doc/acpid/examples/ac.sh | ASCII text | dropped | |
| /usr/share/doc/acpid/examples/default.sh | ASCII text | dropped | |
| /usr/share/doc/acpid/examples/powerbtn.sh | ASCII text | dropped | |
| /usr/share/doc/bubblewrap/examples/bubblewrap-shell.sh | ASCII text | dropped | |
| /usr/share/doc/bubblewrap/examples/flatpak-run.sh | ASCII text | dropped | |
| /usr/share/doc/busybox-static/examples/mdev.conf.change_blockdev.sh | ASCII text | dropped | |
| /usr/share/doc/cron/examples/cron-tasks-review.sh | ASCII text | dropped | |
| /usr/share/doc/gawk/examples/network/PostAgent.sh | ASCII text | dropped | |
| /usr/share/doc/gawk/examples/prog/igawk.sh | awk or perl script, ASCII text | dropped | |
| /usr/share/doc/gdb/contrib/ari/create-web-ari-in-src.sh | ASCII text | dropped | |
| /usr/share/doc/gdb/contrib/ari/gdb_find.sh | ASCII text | dropped | |
| /usr/share/doc/gdb/contrib/expect-read1.sh | ASCII text | dropped | |
| /usr/share/doc/gdb/contrib/gdb-add-index.sh | ASCII text | dropped | |
| /usr/share/doc/gdb/contrib/words.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/coverage-diff.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/credential/netrc/t-git-credential-netrc.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/diff-highlight/t/t9400-diff-highlight.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/fast-import/git-import.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/git-resurrect.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/remotes2config.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/rerere-train.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/subtree/git-subtree.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/subtree/t/t7900-subtree.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/thunderbird-patch-inline/appp.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/update-unicode/update_unicode.sh | ASCII text | dropped | |
| /usr/share/doc/git/contrib/vscode/init.sh | ASCII text | dropped | |
| /usr/share/doc/hddtemp/contribs/analyze/graph-field.sh | ASCII text | dropped | |
| /usr/share/doc/hddtemp/contribs/analyze/hddtemp_monitor.sh | ASCII text | dropped | |
| /usr/share/doc/hddtemp/contribs/hddtemp-all.sh | ASCII text | dropped | |
| /usr/share/doc/lm-sensors/examples/daemon/healthd.sh | ASCII text | dropped | |
| /usr/share/doc/lm-sensors/examples/tellerstats/gather.sh | ASCII text | dropped | |
| /usr/share/doc/lm-sensors/examples/tellerstats/tellerstats.sh | ASCII text | dropped | |
| /usr/share/doc/netcat-openbsd/examples/dist.sh | ASCII text | dropped | |
| /usr/share/doc/popularity-contest/examples/bin/popcon-process.sh | ASCII text | dropped | |
| /usr/share/doc/python3-colorama/examples/demo.sh | ASCII text | dropped | |
| /usr/share/doc/python3-serial/examples/port_publisher.sh | ASCII text | dropped | |
| /usr/share/doc/sg3-utils/examples/sg_persist_tst.sh | ASCII text | dropped | |
| /usr/share/doc/transmission-common/examples/send-email-when-torrent-done.sh | ASCII text | dropped | |
| /usr/share/doc/xdotool/examples/ffsp.sh | ASCII text | dropped | |
| /usr/share/hplip/hplip_clean.sh | ASCII text | dropped | |