Analysis

  • max time kernel
    0s
  • max time network
    154s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    27-11-2022 07:42

General

  • Target

    b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9

  • Size

    34KB

  • MD5

    3b54e1cd87f913dce5190637045d28da

  • SHA1

    7b56c3c678f70e136f1284d7d601a6565d54eb57

  • SHA256

    b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9

  • SHA512

    0c755621d682aa527ca154d244e40185f8bdc1e84f3a76030936d4247230534c7048dbd79aeae7d7fa2f8673c295ed20a0ccab04771055d5e6cb52d1e33c37a2

  • SSDEEP

    384:N4NqqoC/XUIEe4Xz2YeBrNBv2R4zhftyl7XepujtDphUifvzM5re2ML:OwIEe4Xz2YelNBv2GfcnKOgS

Score
6/10

Malware Config

Signatures

  • Creates a large amount of network flows (1 TTP)

    This may indicate a network scan to discover remotely running services.

  • Writes file to tmp directory (1 IoC)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
    /tmp/b181807b9fc6e721183e9c84a63f9c2c6a00665f6a2d3ee04c95740598f45ba9
    • Writes file to tmp directory
    PID:570

Network

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Network Service Scanning

1
T1046
