General

  • Target

    0cd70f255d4b7b9a8cdd99dece7fc207

  • Size

    194KB

  • Sample

    231219-2ecdzsgedk

  • MD5

    0cd70f255d4b7b9a8cdd99dece7fc207

  • SHA1

    e7abc8c0d0504012836f6184fa7b799ae60c9319

  • SHA256

    379dc2664d082796d8fed4bf3fff923043aac6c225ec2ba85008bec86b73a15f

  • SHA512

    612e2feaaeabf319159f96a8dc4f775be52720fd49bc1f1ff432c8919a1c5fedef52e5069eb5ae1fad4882d2b637a97b2e254f5ff111eca53b65a0428957773a

  • SSDEEP

    6144:z5RSxlFGW+4letJ8addQ6AWmN7Q8aQi6r9nzkH:zXYUW+setJ8aNiN7Q8aL6r9nzkH

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

185.244.25.148:69

Targets

    • Target

      0cd70f255d4b7b9a8cdd99dece7fc207

    Score
    9/10
    • Contacts a large number (22394) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Reads the system routing table

      Gets active network interfaces from the /proc virtual filesystem (the kernel exposes the routing table at /proc/net/route).
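The two network signatures above (contact with the extracted C2 endpoint, and a fan-out to many distinct remote hosts that looks like a scan) can be checked against connection logs. The script below is an added example and is not part of the sandbox report or the Gafgyt sample itself. It assumes a constructed, Zeek conn.log-like tab-separated layout (ts, src, dst, dport, proto); the sample log lines, the source addresses in them and the scan threshold of 100 distinct hosts are assumptions, while the C2 endpoint and the SHA256 come from the report.

```python
"""Flag Gafgyt-like network behaviour in connection logs (added example)."""
import hashlib
from collections import defaultdict

# Extracted C2 from the report's malware config.
C2_ENDPOINTS = {("185.244.25.148", 69)}
# Report SHA256 of the sample, usable as a file IOC.
REPORT_SHA256 = "379dc2664d082796d8fed4bf3fff923043aac6c225ec2ba85008bec86b73a15f"
# Assumed threshold; the sandbox observed 22394 hosts, far above this.
SCAN_HOST_THRESHOLD = 100

# Constructed log: host 10.0.0.5 sweeps 250 addresses on tcp/23 and then
# reaches the C2; host 10.0.0.9 makes a single benign-looking connection.
SAMPLE_LOG = "\n".join(
    [f"1703000000.{i:03d}\t10.0.0.5\t198.51.100.{i % 250}\t23\ttcp"
     for i in range(300)]
    + ["1703000300.000\t10.0.0.5\t185.244.25.148\t69\ttcp",
       "1703000301.000\t10.0.0.9\t192.0.2.10\t443\ttcp"]
)


def parse_conn_log(text):
    """Yield (src, dst, dport, proto) tuples, skipping blank and comment lines."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        _ts, src, dst, dport, proto = line.split("\t")
        yield src, dst, int(dport), proto


def analyse(text, scan_threshold=SCAN_HOST_THRESHOLD):
    """Return findings per source: distinct hosts contacted and why it was flagged."""
    hosts = defaultdict(set)        # src -> set of distinct destinations
    c2_hits = defaultdict(list)     # src -> list of (dst, dport, proto) C2 contacts
    for src, dst, dport, proto in parse_conn_log(text):
        hosts[src].add(dst)
        if (dst, dport) in C2_ENDPOINTS:
            c2_hits[src].append((dst, dport, proto))

    findings = {}
    for src, dsts in hosts.items():
        reasons = []
        if c2_hits[src]:
            dst, dport, _ = c2_hits[src][0]
            reasons.append(f"contacts extracted gafgyt C2 {dst}:{dport}")
        if len(dsts) >= scan_threshold:
            reasons.append(f"fan-out to {len(dsts)} distinct hosts (scan-like)")
        if reasons:
            findings[src] = {"distinct_hosts": len(dsts), "reasons": reasons}
    return findings


def sha256_matches_report(data: bytes) -> bool:
    """True if the given file contents hash to the report's SHA256."""
    return hashlib.sha256(data).hexdigest() == REPORT_SHA256


if __name__ == "__main__":
    for src, info in analyse(SAMPLE_LOG).items():
        print(src, info["distinct_hosts"], "; ".join(info["reasons"]))
```

The C2 match is on the exact ip:port pair from the extracted config, so a host that merely talks to port 69 elsewhere (TFTP) is not flagged; the fan-out check counts distinct destinations per source rather than flows, which is what separates a scanner from a busy but legitimate client.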
