Resubmissions

29-04-2022 05:03

220429-fpqtgagge9 9

29-04-2022 04:57

220429-flrxcsgge2 9

29-04-2022 04:52

220429-fhlaeaggd4 9

29-04-2022 03:41

220429-d8rtrsdbhn 10

Analysis

  • max time kernel
    0s
  • max time network
    154s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • submitted
    29-04-2022 03:41

General

  • Target

    meihao.x86

  • Size

    33KB

  • MD5

    f722eaf9fc3198c13964dea1deb4eea1

  • SHA1

    d496ab7503a137ded37976522e6f1a969a40fc9c

  • SHA256

    19336546eb469f6f22bbf58708826714e704d851baea404db3eb09dd6c5fb8c0

  • SHA512

    b41f74ba5e9452ec5102b0bd0e9040b5c37aa411f577163f880aa20c67261a17c6d7a8718ab0875db64a50294a6c2a4d104d204f56b172057847cce9900268f3

Score
10/10

Malware Config

Signatures

  • suricata: ET MALWARE JAWS Webserver Unauthenticated Shell Command Execution

  • suricata: ET MALWARE Mirai Variant User-Agent (Outbound)

  • Contacts a large (162559) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

Processes

  • ./meihao.x86
    ./meihao.x86 jaws.exploit
      PID:576

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Discovery

    Network Service Scanning

    2
    T1046
