Analysis
-
max time kernel
21745s -
max time network
155s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
17-08-2022 09:11
Static task
static1
Behavioral task
behavioral1
Sample
fe62daf76b1632bbd235ec33528195ca
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
3 signatures
150 seconds
General
-
Target
fe62daf76b1632bbd235ec33528195ca
-
Size
40KB
-
MD5
fe62daf76b1632bbd235ec33528195ca
-
SHA1
c169848923a27a675853075c5069bdff3e3d52ef
-
SHA256
0bb4a239a89fe82cb64543e364864a5f1206b4cd110902438bbe5baa6ad142ea
-
SHA512
81e71a0866ac4d07fa6e2040b8f24853a3699f469a77b739071926076e151643a8cb6e7e832e027a85ec14c12ce0682a64395cb26fc9c93ef7210f9889f47c81
Score
9/10
Malware Config
Signatures
-
Contacts a large (23528) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
fe62daf76b1632bbd235ec33528195cadescription ioc process /tmp/fe62daf76b1632bbd235ec33528195ca /tmp/fe62daf76b1632bbd235ec33528195ca fe62daf76b1632bbd235ec33528195ca