7a2daa1a923a107747b18273d167b4d97576eb5914c786856b3ba77e112a0e70

Analysis

max time kernel
21180s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
10-08-2022 20:04

Target

39af238ea441f2ab706d742a2cdf1e8e
Size

34KB
MD5

39af238ea441f2ab706d742a2cdf1e8e
SHA1

7d1cc0ab673feef738b2ceeb7b984d6e4aa9f204
SHA256

7a2daa1a923a107747b18273d167b4d97576eb5914c786856b3ba77e112a0e70
SHA512

669b952b7ac1305fe8f9d7fbda4ad0568512a33539f5ae5f4579866cfa567d6218a429d2c88a3bf7e5e2fc2bd8a93f50a32c54ed60c63fa3cc43265df5dd238e

Score

9^/10

discovery

Contacts a large (93223) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

39af238ea441f2ab706d742a2cdf1e8e

description ioc process

/tmp/39af238ea441f2ab706d742a2cdf1e8e /tmp/39af238ea441f2ab706d742a2cdf1e8e 39af238ea441f2ab706d742a2cdf1e8e

description	ioc	process
/tmp/39af238ea441f2ab706d742a2cdf1e8e	/tmp/39af238ea441f2ab706d742a2cdf1e8e	39af238ea441f2ab706d742a2cdf1e8e

/tmp/39af238ea441f2ab706d742a2cdf1e8e
/tmp/39af238ea441f2ab706d742a2cdf1e8e
1⤵
- Writes file to tmp directory
PID:577

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact