General
-
Target
56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
-
Size
142KB
-
Sample
220725-bwrxwshdbr
-
MD5
e16cdd98cd033011dd71ddd82e4e3a73
-
SHA1
f04db626d9a3646e1baf865ba063c285935fa77d
-
SHA256
56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
-
SHA512
56f3f9ec157cc88ce212fc71c49773b7dd0a9a1b830a6e353bf0157a2cf681d95a28f9304638d9cc1493155565b781c70314794e1c4f78f6c5484efdb4232f15
Malware Config
Targets
-
-
Target
56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
-
Size
142KB
-
MD5
e16cdd98cd033011dd71ddd82e4e3a73
-
SHA1
f04db626d9a3646e1baf865ba063c285935fa77d
-
SHA256
56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
-
SHA512
56f3f9ec157cc88ce212fc71c49773b7dd0a9a1b830a6e353bf0157a2cf681d95a28f9304638d9cc1493155565b781c70314794e1c4f78f6c5484efdb4232f15
Score9/10-
Contacts a large (55061) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-