Analysis
max time kernel: 19730s
max time network: 165s
platform: linux_amd64
resource: ubuntu1804-amd64-en-20211208
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 25-07-2022 01:29
Behavioral task: behavioral1
Sample: 56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
Resource: ubuntu1804-amd64-en-20211208 (ubuntu-18.04-amd64)
3 signatures
150 seconds
General
Target: 56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
Size: 142KB
MD5: e16cdd98cd033011dd71ddd82e4e3a73
SHA1: f04db626d9a3646e1baf865ba063c285935fa77d
SHA256: 56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
SHA512: 56f3f9ec157cc88ce212fc71c49773b7dd0a9a1b830a6e353bf0157a2cf681d95a28f9304638d9cc1493155565b781c70314794e1c4f78f6c5484efdb4232f15
Score: 9/10
Malware Config
Signatures
Contacts a large (55061) amount of remote hosts (1 TTPs)
This may indicate a network scan to discover remotely running services.
Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.
Writes file to tmp directory (1 IoCs)
Malware often drops required files in the /tmp directory.
description: /tmp/56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a
ioc: /tmp/56d9f91dfa4ead57df2eec17ae1de97273eea45b6b6e845a2c5ad45e2e98c28a