ioc[.]one - OSINT Cyber Threat Intelligence Database

2024-09-12 SUPERSHELL + 2023-03-13 SHELLBOT Targeting Linux SSH servers Samples

Tags

attack-pattern:

Data Credentials - T1589.001 Cron - T1053.003 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Default Credentials

Show in Graph

Common Information

Type	Value
UUID	d586fd46-3e9b-47a6-802e-ef63741ac33f
Fingerprint	1531bd7b0999a4cb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 13, 2024, 1:16 a.m.
Added to db	Sept. 13, 2024, 3:51 a.m.
Last updated	Nov. 12, 2024, 4:57 a.m.
Headline	2024-09-12 SUPERSHELL + 2023-03-13 SHELLBOT Targeting Linux SSH servers Samples
Title	2024-09-12 SUPERSHELL + 2023-03-13 SHELLBOT Targeting Linux SSH servers Samples
Detected Hints/Tags/Attributes	32/1/19

Source URLs

	Redirection	Url
Details	Source	https://malware.news/t/2024-09-12-supershell-2023-03-13-shellbot-targeting-linux-ssh-servers-samples/86335

URL Provider

Details	Provider	Source level domain
Details	malware.news	malware.news

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	158	✔	Malware Analysis, News and Indicators - Latest topics	https://malware.news/latest.rss	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	3		ssh1.sh
Details	Domain	4		miner.sh
Details	Domain	36		contagiodump.blogspot.com
Details	Domain	19		contagiominidump.blogspot.com
Details	File	1		2024-09-12-supershell-2023-03-13.html
Details	sha256	2		2220783661db230d0808a5750060950688e2618d462ccbe07f54408154c227c1
Details	sha256	2		b7d62d1a145ddda241e624ef94ab31fcca1a13f79e130d0a704586e35745282a
Details	sha256	1		e476b9c07fcd80824d4eafce0e826ae1c12706ca6215eb6e3995468374bb8a76
Details	sha256	1		f5a26a68344c1ffd136ba73dec9d08f61212872cdba33bd4d7d32733a72e4ed5
Details	sha256	1		0857f90be97326ff45f17ec3f6ce60d9a0f6d8faed34e48527fde5ec30bd5a0d
Details	sha256	1		0c1673e442b945a0aecf60d3970e924b16bd72d46e257bd72927821e4ebbc9ca
Details	sha256	1		1f3c279ea684d5cbdc7004819bf15a160f70b2c79c4affd309f9ab3ad957045b
Details	sha256	1		5ba1d0efb313ccc20e3d5f2476a3db811e15c80c3f1ac73b7a02d80c5c49c728
Details	sha256	1		a26de5b607e3a66af8b7db2c13bcd1c658817649c699f8731db6f237c3c5b1ce
Details	sha256	1		cb80570332e3e32037f426e835d05bdcd276e9e5acfd439027d788dd64dcb47d
Details	sha256	1		157bea84012ca8b8dc6c0eabf80db1f0256eafccf4047d3e4e90c50ed42e69ff
Details	sha256	1		23dbfb99fc6c4fcfc279100c4b6481a7fd3f0b061b8d915604efa2ba37c8ddfa
Details	sha256	1		cf5a7b7c71564a5eef77cc5297b9ffd6cd021eb44c0901ea3957cb2397b43e15
Details	Url	1		https://contagiodump.blogspot.com/2024/09/2024-09-12-supershell-2023-03-13.html