General
Target: fx_unpack
Size: 128KB
Sample: 220706-kzml1schc3
MD5: 891928e9c2b78e9f73611efc22e1bde1
SHA1: f3fed580bfd40aaea551bb10dbb52bf29f2de616
SHA256: 9cfc0d61c98aec746bde879a6150c87208c6256e664b854d9da77c7cfd6f6cc2
SHA512: fe714bba34a4e25febd6785a6c09ec0e67c0df4a768e6680ba6101963a832945669bf331b5c427bcecaa5fb0d3b2eb83d4d6f5590d065e669f2fa03586954844
Static task
static1
Malware Config
Targets
Target: fx_unpack
-
suricata: ET MALWARE JAWS Webserver Unauthenticated Shell Command Execution
-
suricata: ET MALWARE Mirai Variant User-Agent (Outbound)
-
Contacts a large (544660) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-