Analysis
-
max time kernel
21180s -
max time network
155s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
10-08-2022 20:04
Static task
static1
Behavioral task
behavioral1
Sample
39af238ea441f2ab706d742a2cdf1e8e
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
3 signatures
150 seconds
General
-
Target
39af238ea441f2ab706d742a2cdf1e8e
-
Size
34KB
-
MD5
39af238ea441f2ab706d742a2cdf1e8e
-
SHA1
7d1cc0ab673feef738b2ceeb7b984d6e4aa9f204
-
SHA256
7a2daa1a923a107747b18273d167b4d97576eb5914c786856b3ba77e112a0e70
-
SHA512
669b952b7ac1305fe8f9d7fbda4ad0568512a33539f5ae5f4579866cfa567d6218a429d2c88a3bf7e5e2fc2bd8a93f50a32c54ed60c63fa3cc43265df5dd238e
Score
9/10
Malware Config
Signatures
-
Contacts a large (93223) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
39af238ea441f2ab706d742a2cdf1e8edescription ioc process /tmp/39af238ea441f2ab706d742a2cdf1e8e /tmp/39af238ea441f2ab706d742a2cdf1e8e 39af238ea441f2ab706d742a2cdf1e8e