Analysis
max time kernel: 21699s
max time network: 154s
platform: linux_amd64
resource: ubuntu1804-amd64-en-20211208
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 16-08-2022 20:27
Behavioral task
behavioral1
Sample
139683a281c4a5a33ed4d50e8030921e
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
3 signatures
150 seconds
General
Target: 139683a281c4a5a33ed4d50e8030921e
Size: 48KB
MD5: 139683a281c4a5a33ed4d50e8030921e
SHA1: ab6c534b5af1bc7e114bcb89e03549a454a987a0
SHA256: b5cb0102444a624406717ec452ae6c981bd0b40351e08d84009fd81453a0daa2
SHA512: 9cb9b7ea13c6953ee3ba5c7950997b28aad14d9f11d531d5500f1e526c9f2e6c6cf1425eefc657544a9803dddd16143b029ded9c14878a12fb4b0092966b7f68
Score
9/10
Malware Config
Signatures
Contacts a large (23515) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
139683a281c4a5a33ed4d50e8030921e
description ioc process
/tmp/139683a281c4a5a33ed4d50e8030921e /tmp/139683a281c4a5a33ed4d50e8030921e 139683a281c4a5a33ed4d50e8030921e