cfc1593c447aa322cee5bfb75891ec37645c0f0acc75cea7e280fcd94aff0bae

Analysis

max time kernel
0s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
22/03/2023, 08:16

Target

a6829496847f39a2e650c5fa2e4b8d8b.elf
Size

69KB
MD5

a6829496847f39a2e650c5fa2e4b8d8b
SHA1

42c43fd4d11c1dcdf6357bf1d0d3e8e96b4a4bcc
SHA256

cfc1593c447aa322cee5bfb75891ec37645c0f0acc75cea7e280fcd94aff0bae
SHA512

c1e7fe378ab45c1e0701f958b97dbdbe5e9d1d22b10f8bf55cc0f93c03011c2afacd5f61ab85417fd7065c01ff7c80e32cf592ce6693750167e99ff0997bb86e
SSDEEP

1536:bnUQJZdRlDAXO6QyQnD0QT2DxChZHAJ7RvsuIr5bhZfX:bnUQJ7RlUXTQpnD0QTmxCbHg+uWbX

Score

9^/10

discovery

Contacts a large (37107) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Unexpected DNS network traffic destination 25 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

/tmp/a6829496847f39a2e650c5fa2e4b8d8b.elf
/tmp/a6829496847f39a2e650c5fa2e4b8d8b.elf
1⤵
PID:571

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact