Analysis
max time kernel
0s
max time network
156s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags
arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted
31-07-2022 18:38
Behavioral task
behavioral1
Sample
5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
2 signatures
150 seconds
General
-
Target
5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
-
Size
93KB
-
MD5
33a6ea39fbc44893983948735194c6d0
-
SHA1
2d4b4b854ca9e0bbd9e78182cb713dff8a5144a1
-
SHA256
5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
-
SHA512
000ea698746ec2232cdf4ad0c42ec7dea82e6e3175a44f09eb69b262d5f54b2ccec598563ee340e084c9c5c1ff2c79993c62639c553153b3d6fac53561d1e49c
Score
6/10
Malware Config
Signatures
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process /tmp/5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2 /tmp/5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2 5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2