Analysis
-
max time kernel
0s -
max time network
154s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
27-11-2022 07:42
Static task
static1
Behavioral task
behavioral1
Sample
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral2
Sample
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
Resource
debian9-armhf-20221111-en
Behavioral task
behavioral3
Sample
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral4
Sample
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
Resource
debian9-mipsel-en-20211208
General
-
Target
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
-
Size
34KB
-
MD5
3b54e1cd87f913dce5190637045d28da
-
SHA1
7b56c3c678f70e136f1284d7d601a6565d54eb57
-
SHA256
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
-
SHA512
0c755621d682aa527ca154d244e40185f8bdc1e84f3a76030936d4247230534c7048dbd79aeae7d7fa2f8673c295ed20a0ccab04771055d5e6cb52d1e33c37a2
-
SSDEEP
384:N4NqqoC/XUIEe4Xz2YeBrNBv2R4zhftyl7XepujtDphUifvzM5re2ML:OwIEe4Xz2YelNBv2GfcnKOgS
Malware Config
Signatures
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9description ioc process /tmp/b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9 /tmp/b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9 b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9