493f8a0f3e5e80cce26c62d680626dbedc12d4ff81f71919f6e4a29532a41261 | Triage

Submit
Reports

Overview

overview

Static

static

21137bb49e...89934a

ubuntu-18.04-amd64

9

Analysis

max time kernel
0s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
25-08-2022 16:54

Sharing

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

21137bb49ecf55f00ecaf65e0f89934a

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Report Analysis Logs

General

Target

21137bb49ecf55f00ecaf65e0f89934a
Size

169KB
MD5

21137bb49ecf55f00ecaf65e0f89934a
SHA1

9946cc990b029d652aa0e004e8b0c391066959e0
SHA256

493f8a0f3e5e80cce26c62d680626dbedc12d4ff81f71919f6e4a29532a41261
SHA512

702a2c4323932eb068b7b8122e589bb9f35d9d4a694125d13ec00b1303bf65798018d9c9278603718d059321843ecb870ae534b1e51f27e74ca261c4e657a632
SSDEEP

3072:XLzzZSJfrIYmIEBdQQknNsK1JvMSVbNYUegUDmD9oE4gqXaah84:XLzzEr4B5knNr1JvMSVbNYUegUaD9oEq

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (23514) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Processes

/tmp/21137bb49ecf55f00ecaf65e0f89934a
/tmp/21137bb49ecf55f00ecaf65e0f89934a
1⤵
PID:569

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy