6d9dbf90a0726fb7278aedc0b607edbbc9226ec675c3d6548d14b97c515a75c7

Analysis

max time kernel
7226s
max time network
153s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20221111-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
03/02/2023, 09:31

Target

445b9f54a036a882f319f1e826851370.elf
Size

65KB
MD5

445b9f54a036a882f319f1e826851370
SHA1

7ef69ad7281467de3cdb2bafd147267a8af5b1f3
SHA256

6d9dbf90a0726fb7278aedc0b607edbbc9226ec675c3d6548d14b97c515a75c7
SHA512

1ae4277e7da4f1bcd72ef7fc99b27690dbf1439eb9eca3c357c97f5ad2e6cceb3c7f87918658c3e2933e254b477b86814446318e32ef49f9f12c94529bc4ed08
SSDEEP

1536:64brI6HqE6rUGJQ+zL93CDxutD7tu5XGXmdyIPM:lbk8qE6rUGi+V3CDYtDsoWXM

Score

9^/10

discovery

Contacts a large (145331) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
/tmp/445b9f54a036a882f319f1e826851370.elf	/tmp/445b9f54a036a882f319f1e826851370.elf	445b9f54a036a882f319f1e826851370.elf

/tmp/445b9f54a036a882f319f1e826851370.elf
/tmp/445b9f54a036a882f319f1e826851370.elf
1⤵
- Writes file to tmp directory
PID:606

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact