Everybody Loves Bash Scripts. Including Attackers. - SANS Internet Storm Center
Tags
country: Singapore
attack-pattern: Credentials - T1589.001 Ip Addresses - T1590.005 Ssh - T1021.004
Show in Graph
Common Information
Type Value
UUID 6b250f04-7bf1-49c9-997c-c9b2d7e97bfe
Fingerprint 94407f69e7e313e6
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 23, 2024, midnight
Added to db Oct. 23, 2024, 4:21 p.m.
Last updated Nov. 17, 2024, 4:47 p.m.
Headline Internet Storm Center
Title Everybody Loves Bash Scripts. Including Attackers. - SANS Internet Storm Center
Detected Hints/Tags/Attributes 21/2/20
Source URLs
Redirection Url
Details Source https://isc.sans.edu/diary/rss/31376
URL Provider
Details Provider Source level domain
Details sans.edu isc.sans.edu
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 142 SANS Internet Storm Center, InfoCON: green https://isc.sans.edu/rssfeed_full.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 
wp-backup.sh
Details Domain 1 
submit.sh
Details Domain 1 
stage-deploy.sh
Details Domain 1 
driverenv.sh
Details Domain 1 
s3.sh
Details Domain 1 
run-deploy.sh
Details Domain 1 
passwords.sh
Details Domain 2 
library.sh
Details Domain 14 
installer.sh
Details Domain 1 
envvars.sh
Details Domain 1 
driver.sh
Details Domain 3 
startup.sh
Details Domain 1 
develop.sh
Details Domain 1 
bucket.sh
Details Domain 1 
aws-env.sh
Details Domain 1 
startups.sh
Details Domain 71 
sans.edu
Details File 1204 
index.php
Details IPv4 1 
179.43.191.19
Details IPv4 1 
37.60.229.171