5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb | Triage

Resubmissions

17-08-2022 13:53

220817-q62meabdc8 10

21-07-2022 15:46

220721-s7pqcageb5 10

24-01-2022 04:58

220124-fl3c4acdfj 5

Analysis

max time kernel
19436s
max time network
148s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
21-07-2022 15:46

Sharing

Report Analysis Logs

General

Target

5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb
Size

6.6MB
MD5

3a9cdd8a5cbc3ab10ad64c4bb641b41f
SHA1

e45f89c923d0361ce8f9c64a63031860a76b2d10
SHA256

5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb
SHA512

2d1d26081637c925fb6ae5f92b278f87a8253fd65a75c44fdc2c513a24dc9e0658c552ebc9c9c76c70ad948c60901e682184a833aae51a8c4d6220e883e05aef

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 5 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes:

description	ioc
Destination IP	141.98.212.55
Destination IP	141.98.212.55
Destination IP	141.98.212.55
Destination IP	141.98.212.55
Destination IP	141.98.212.55

Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb

description ioc process

/proc/sys/net/core/somaxconn /proc/sys/net/core/somaxconn 5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb

/tmp/5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb
/tmp/5ca4a9f6553fea64ad2c724bf71d0fac2b372f9e7ce2200814c98aac647172fb
1⤵
- Reads runtime system information
PID:576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...