ab0df35e7866d8841fc8976de6ce56d2e90ed9af1f2602f2895628050dea63b8

Analysis

max time kernel
0s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
16-08-2022 11:18

Target

i586-20220816-1117
Size

61KB
MD5

51908da10302f478e101fc8d27c250ca
SHA1

706de82795d4cbed7a51d2f5beec2f8150ebb8a6
SHA256

ab0df35e7866d8841fc8976de6ce56d2e90ed9af1f2602f2895628050dea63b8
SHA512

c8121cc15cb8628c946d68ee8592f1d8ffe05779b233094db0d47252cdad677c61e13ce2798afec3f3a1c14f52e418b0541ed589719692fbddfa7484248f2531

Score

9^/10

discovery

Contacts a large (23670) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

i586-20220816-1117

description ioc process

/tmp/i586-20220816-1117 /tmp/i586-20220816-1117 i586-20220816-1117

description	ioc	process
/tmp/i586-20220816-1117	/tmp/i586-20220816-1117	i586-20220816-1117

/tmp/i586-20220816-1117
/tmp/i586-20220816-1117
1⤵
- Writes file to tmp directory
PID:571

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact