General

  • Target

    56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a

  • Size

    142KB

  • Sample

    220725-bwrxwshdbr

  • MD5

    e16cdd98cd033011dd71ddd82e4e3a73

  • SHA1

    f04db626d9a3646e1baf865ba063c285935fa77d

  • SHA256

    56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a

  • SHA512

    56f3f9ec157cc88ce212fc71c49773b7dd0a9a1b830a6e353bf0157a2cf681d95a28f9304638d9cc1493155565b781c70314794e1c4f78f6c5484efdb4232f15

Malware Config

Targets

    • Score

      9/10

    • Contacts a large (55061) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

MITRE ATT&CK Enterprise v6

Tasks