0bb4a239a89fe82cb64543e364864a5f1206b4cd110902438bbe5baa6ad142ea

Analysis

max time kernel
21745s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
17-08-2022 09:11

Target

fe62daf76b1632bbd235ec33528195ca
Size

40KB
MD5

fe62daf76b1632bbd235ec33528195ca
SHA1

c169848923a27a675853075c5069bdff3e3d52ef
SHA256

0bb4a239a89fe82cb64543e364864a5f1206b4cd110902438bbe5baa6ad142ea
SHA512

81e71a0866ac4d07fa6e2040b8f24853a3699f469a77b739071926076e151643a8cb6e7e832e027a85ec14c12ce0682a64395cb26fc9c93ef7210f9889f47c81

Score

9^/10

discovery

Contacts a large (23528) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

fe62daf76b1632bbd235ec33528195ca

description ioc process

/tmp/fe62daf76b1632bbd235ec33528195ca /tmp/fe62daf76b1632bbd235ec33528195ca fe62daf76b1632bbd235ec33528195ca

description	ioc	process
/tmp/fe62daf76b1632bbd235ec33528195ca	/tmp/fe62daf76b1632bbd235ec33528195ca	fe62daf76b1632bbd235ec33528195ca

/tmp/fe62daf76b1632bbd235ec33528195ca
/tmp/fe62daf76b1632bbd235ec33528195ca
1⤵
- Writes file to tmp directory
PID:576

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact