Overview

overview

9

Static

static

252c15fc86...9b93c4

linux_amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    252c15fc868dfd2370374016aa309ace7403643d7f27d9c5bcaf31483c9b93c4

  • Size

    45KB

  • Sample

    220521-p66qpaggf2

  • MD5

    2a56e59cab580e5125bbe11b8bb4c185

  • SHA1

    f50c10eda515a030333ce5fbb3791eb911bd1b8d

  • SHA256

    252c15fc868dfd2370374016aa309ace7403643d7f27d9c5bcaf31483c9b93c4

  • SHA512

    145aab5698dec4cb526d01dcc19a30cc0475e5fa8f958c98eb0ff79125482825215872b9d005fe186287d4596f8e5bbc3c329c480a06f506c09f41c574dbb893

Score
9/10
discoverylinux

Malware Config

Targets

    • Target

      252c15fc868dfd2370374016aa309ace7403643d7f27d9c5bcaf31483c9b93c4

    • Size

      45KB

    • MD5

      2a56e59cab580e5125bbe11b8bb4c185

    • SHA1

      f50c10eda515a030333ce5fbb3791eb911bd1b8d

    • SHA256

      252c15fc868dfd2370374016aa309ace7403643d7f27d9c5bcaf31483c9b93c4

    • SHA512

      145aab5698dec4cb526d01dcc19a30cc0475e5fa8f958c98eb0ff79125482825215872b9d005fe186287d4596f8e5bbc3c329c480a06f506c09f41c574dbb893

    Score
    9/10
    discovery

    • Contacts a large (214225) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

2
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks