Overview

overview

10

Static

static

10

5efc2c9b0d...1047c2

ubuntu-18.04-amd64

6

Analysis

  • max time kernel
    0s
  • max time network
    156s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    31-07-2022 18:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2

  • Size

    93KB

  • MD5

    33a6ea39fbc44893983948735194c6d0

  • SHA1

    2d4b4b854ca9e0bbd9e78182cb713dff8a5144a1

  • SHA256

    5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2

  • SHA512

    000ea698746ec2232cdf4ad0c42ec7dea82e6e3175a44f09eb69b262d5f54b2ccec598563ee340e084c9c5c1ff2c79993c62639c553153b3d6fac53561d1e49c

Score
6/10
discovery

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
    /tmp/5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
    1⤵
    • Writes file to tmp directory
    PID:581

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

1
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads