Overview

overview

10

Static

static

903b7fccc8...c46c02

debian-9-mips

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    903b7fccc80816eee6ecffad04c04f08d63c9d073ec0ccd4ba5c1b4af9c46c02

  • Size

    31KB

  • Sample

    220724-2qvppsbfhm

  • MD5

    5ab3be407ea5a07f447612e7b621356f

  • SHA1

    d08b539376be3a5b9507a8270f324c123520d6ba

  • SHA256

    903b7fccc80816eee6ecffad04c04f08d63c9d073ec0ccd4ba5c1b4af9c46c02

  • SHA512

    e1d8d14e7666b1b14d503c19eb5efa566a1fcad4ab8ea2c1c7a55f39043f38cbdfef48360ffdec304eafd8f945b22f2bd5b91a9398cfff8578fb96aa595f1c4e

Score
10/10
discoverysuricata

Malware Config

Targets

    • Target

      903b7fccc80816eee6ecffad04c04f08d63c9d073ec0ccd4ba5c1b4af9c46c02

    • Size

      31KB

    • MD5

      5ab3be407ea5a07f447612e7b621356f

    • SHA1

      d08b539376be3a5b9507a8270f324c123520d6ba

    • SHA256

      903b7fccc80816eee6ecffad04c04f08d63c9d073ec0ccd4ba5c1b4af9c46c02

    • SHA512

      e1d8d14e7666b1b14d503c19eb5efa566a1fcad4ab8ea2c1c7a55f39043f38cbdfef48360ffdec304eafd8f945b22f2bd5b91a9398cfff8578fb96aa595f1c4e

    Score
    10/10
    discoverysuricata

    • suricata: ET MALWARE Dark Nexus IoT Variant User-Agent (Outbound)

      suricata: ET MALWARE Dark Nexus IoT Variant User-Agent (Outbound)

      suricata

    • Contacts a large (36983) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

2
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks