27b486faa94f48887797d5f2b75881387915bf551ea47febf47a3416c6b005b8 | Triage

Analysis

max time kernel
151s
max time network
155s
platform
debian-9_mips
resource
debian9-mipsbe-20231215-en
resource tags

arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
19/12/2023, 23:22

Sharing

Report Analysis Logs

General

Target

5ebf3a0c02c3304c54b491ea01413362
Size

70KB
MD5

5ebf3a0c02c3304c54b491ea01413362
SHA1

2246cd502b39a5f2b98ec664b495f29d0527fe7d
SHA256

27b486faa94f48887797d5f2b75881387915bf551ea47febf47a3416c6b005b8
SHA512

bb170fdfbd9a1fdaf6fcf3441459c21622731075e8a0f5df057b9abaeb907dc935ab3af9b4618e2d429790177f86601c71148cdddc245cfb93dc04aff78b1d7e
SSDEEP

1536:GbOpKYlClYV0OdtTxBTxvMTxMZ5d5BxvNOcJLVp++yHmW:no4/r74cJLDG

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 17 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	84.200.70.40
Destination IP	84.200.69.80
Destination IP	84.200.69.80
Destination IP	91.239.100.100
Destination IP	84.200.69.80
Destination IP	84.200.70.40
Destination IP	84.200.70.40
Destination IP	84.200.69.80
Destination IP	84.200.69.80
Destination IP	84.200.69.80
Destination IP	84.200.70.40
Destination IP	91.239.100.100
Destination IP	84.200.69.80
Destination IP	84.200.69.80
Destination IP	84.200.69.80
Destination IP	84.200.69.80
Destination IP	84.200.70.40

/tmp/5ebf3a0c02c3304c54b491ea01413362
/tmp/5ebf3a0c02c3304c54b491ea01413362
1⤵
PID:722

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads