Analysis
- max time kernel: 21677s
- max time network: 155s
- platform: linux_amd64
- resource: ubuntu1804-amd64-en-20211208
- resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
- submitted: 16-08-2022 14:07
Behavioral task
behavioral1
Sample
b31b2b5ab1bb6e4506b93288b1072556
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
3 signatures
150 seconds
General
- Target: b31b2b5ab1bb6e4506b93288b1072556
- Size: 53KB
- MD5: b31b2b5ab1bb6e4506b93288b1072556
- SHA1: d42bef6cf6d944afbbd41eeb24e360ed4bc97baf
- SHA256: fd1dcf0e58e81ab6370f5e67d92f2e649c9646f6d3eec86cbb63a002023baf3f
- SHA512: ded0621ffad59fb862751c14360afdc50a80ed7e737e93f300d35d8649bc2eb1d227b2296ebd666cb3ef4263984bc5c4ea6b3a1d01d27daea96d044cee05b03a
Score: 9/10
Malware Config
Signatures
- Contacts a large (24150) amount of remote hosts (1 TTPs)
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows (1 TTPs)
  This may indicate a network scan to discover remotely running services.
- Writes file to tmp directory (1 IoCs)
  Malware often drops required files in the /tmp directory.
Processes:
b31b2b5ab1bb6e4506b93288b1072556
description ioc process
/tmp/b31b2b5ab1bb6e4506b93288b1072556 /tmp/b31b2b5ab1bb6e4506b93288b1072556 b31b2b5ab1bb6e4506b93288b1072556