fd1dcf0e58e81ab6370f5e67d92f2e649c9646f6d3eec86cbb63a002023baf3f

Analysis

max time kernel
21677s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
16-08-2022 14:07

Target

b31b2b5ab1bb6e4506b93288b1072556
Size

53KB
MD5

b31b2b5ab1bb6e4506b93288b1072556
SHA1

d42bef6cf6d944afbbd41eeb24e360ed4bc97baf
SHA256

fd1dcf0e58e81ab6370f5e67d92f2e649c9646f6d3eec86cbb63a002023baf3f
SHA512

ded0621ffad59fb862751c14360afdc50a80ed7e737e93f300d35d8649bc2eb1d227b2296ebd666cb3ef4263984bc5c4ea6b3a1d01d27daea96d044cee05b03a

Score

9^/10

discovery

Contacts a large (24150) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

b31b2b5ab1bb6e4506b93288b1072556

description ioc process

/tmp/b31b2b5ab1bb6e4506b93288b1072556 /tmp/b31b2b5ab1bb6e4506b93288b1072556 b31b2b5ab1bb6e4506b93288b1072556

description	ioc	process
/tmp/b31b2b5ab1bb6e4506b93288b1072556	/tmp/b31b2b5ab1bb6e4506b93288b1072556	b31b2b5ab1bb6e4506b93288b1072556

/tmp/b31b2b5ab1bb6e4506b93288b1072556
/tmp/b31b2b5ab1bb6e4506b93288b1072556
1⤵
- Writes file to tmp directory
PID:577

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact