a25b6e88ccbfb17e2710ce66395d3fb7497c7bb39132bcc62f7cfecebc5a96ea | Triage

Sharing

General

Target

sora.x86-20220521-1450
Size

30KB
Sample

220521-r7mejsdacp
MD5

b08f48ad84a0d2ef40d3b4417666a264
SHA1

5c35bca8f3df6d7c5b7debcf5dbecd0f886b1108
SHA256

a25b6e88ccbfb17e2710ce66395d3fb7497c7bb39132bcc62f7cfecebc5a96ea
SHA512

bb6cb70bf7942e3921dd49808d3272c5d0784b50d3e1676598e430b2b38bc2fa8ab55d9bae826d15e10e9cf6c0e30b687bb328d9a73031f0c7cbcaa1a0c909a8

Score

9^/10

discovery linux

Malware Config

Targets

- Target
  
  sora.x86-20220521-1450
- Size
  
  30KB
- MD5
  
  b08f48ad84a0d2ef40d3b4417666a264
- SHA1
  
  5c35bca8f3df6d7c5b7debcf5dbecd0f886b1108
- SHA256
  
  a25b6e88ccbfb17e2710ce66395d3fb7497c7bb39132bcc62f7cfecebc5a96ea
- SHA512
  
  bb6cb70bf7942e3921dd49808d3272c5d0784b50d3e1676598e430b2b38bc2fa8ab55d9bae826d15e10e9cf6c0e30b687bb328d9a73031f0c7cbcaa1a0c909a8
Score

9^/10

discovery
- Contacts a large (20207) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1