2e71b35988f9de25d9c26be0da2ceef3d1569d8744cdb3b88e8b8ffcf5666b33

Analysis

max time kernel
21577s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
15-08-2022 10:25

Target

5e02212854aaa978948f65b9702ff2d7
Size

34KB
MD5

5e02212854aaa978948f65b9702ff2d7
SHA1

bc3da3cef0774f69bf72442f19f8833c17101491
SHA256

2e71b35988f9de25d9c26be0da2ceef3d1569d8744cdb3b88e8b8ffcf5666b33
SHA512

dbde1e87d8bc21df514d0e68581b88d0ec4895e833fd6c20c5eaa9de0ba9d532e75603dde3e1868c65f0b6d9ff85b3753f91f3a4a6c29811172acd05b235b318

Score

9^/10

discovery

Contacts a large (94845) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

5e02212854aaa978948f65b9702ff2d7

description ioc process

/tmp/5e02212854aaa978948f65b9702ff2d7 /tmp/5e02212854aaa978948f65b9702ff2d7 5e02212854aaa978948f65b9702ff2d7

description	ioc	process
/tmp/5e02212854aaa978948f65b9702ff2d7	/tmp/5e02212854aaa978948f65b9702ff2d7	5e02212854aaa978948f65b9702ff2d7

/tmp/5e02212854aaa978948f65b9702ff2d7
/tmp/5e02212854aaa978948f65b9702ff2d7
1⤵
- Writes file to tmp directory
PID:576

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact