I published the following diary on isc.sans.org: “Malicious Bash Script with Multiple Features“:
It’s not common to find a complex malicious bash script. Usually, bash scripts are used to download a malicious executable and start it. This one has been spotted by @michalmalik who twitted about it. I had a quick look at it. The script has currently a score of 13/50 on VT. First of all, the script installs some tools and dependencies. ‘apt-get’ and ‘yum’ are used, this means that multiple Linux distributions are targeted… [Read more]
[The post [SANS ISC] Malicious Bash Script with Multiple Features has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2018/03/05/sans-isc-malicious-bash-script-multiple-features/