General

  • Target

    89411c3c806311b15da604888dce7c11

  • Size

    64KB

  • Sample

    231220-gldkeaeebr

  • MD5

    89411c3c806311b15da604888dce7c11

  • SHA1

    f000818164b62d2b25960fa79291f56eb41c8e20

  • SHA256

    8f645829fe97c30c9acf87843175edd4010b01d7c74588d686c13216c52ed6fe

  • SHA512

    357ddbe39582d28a5fa1a34be257ec28f95b0e60ee5de9e5336abf7b339131ead233407de9634ccc5dfa56064dd32f037e0b7145667fe8eec607d3317581650e

  • SSDEEP

    1536:aKxPDEpCYYxq8xARlwkSyjBDRp3EJr+Uk:hFIpCY38xARG8BDRZ8

Score
9/10

Targets

    • Contacts a large (37782) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
