8e93835f528c13ea3642078b9ed7abc84eb6af01ec7fccf661787205ea97d7d7 | Triage

Analysis

max time kernel
5s
max time network
7s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
19/02/2024, 09:40 UTC

Sharing

Reason

Payload did not run: payload error: fork/exec /tmp/6c70fd06deeb1083a98fbb6f535ff9dd.elf: exec format error

Report Analysis Logs

General

Target

6c70fd06deeb1083a98fbb6f535ff9dd.elf
Size

26KB
MD5

6c70fd06deeb1083a98fbb6f535ff9dd
SHA1

f249ec303f18d2a0aa45403af685036f6bdd0f25
SHA256

8e93835f528c13ea3642078b9ed7abc84eb6af01ec7fccf661787205ea97d7d7
SHA512

9864c2b7eff9cd4a811c4d7e6b69d8108230042796a99459639f3e2cc6551cbada31952b4990a8316ba14682182316db10eb0707988668cf6599fc24e4dd9999
SSDEEP

768:YiQLDqbw2DR5Cn6o7hv8R+9lASbkYNmk4uVcqgw09R:YybwyXCn6S18AlA4Wk4u+qgw09R

Score

1^/10

Malware Config

Signatures

/tmp/6c70fd06deeb1083a98fbb6f535ff9dd.elf
/tmp/6c70fd06deeb1083a98fbb6f535ff9dd.elf
1⤵
PID:1551

Network

DNS

cdn.fwupd.org

Remote address:

1.1.1.1:53

Request

cdn.fwupd.org

IN A

Response

cdn.fwupd.org

IN CNAME

dualstack.p2.shared.global.fastly.net

dualstack.p2.shared.global.fastly.net

IN A

151.101.130.49

dualstack.p2.shared.global.fastly.net

IN A

151.101.194.49

dualstack.p2.shared.global.fastly.net

IN A

151.101.2.49

dualstack.p2.shared.global.fastly.net

IN A

151.101.66.49
DNS

cdn.fwupd.org

Remote address:

1.1.1.1:53

Request

cdn.fwupd.org

IN AAAA

Response

cdn.fwupd.org

IN CNAME

dualstack.p2.shared.global.fastly.net

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42::561

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42:400::561

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42:600::561

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42:200::561
DNS

1527653184.rsc.cdn77.org

Remote address:

1.1.1.1:53

Request

1527653184.rsc.cdn77.org

IN A

Response

1527653184.rsc.cdn77.org

IN A

89.187.167.6

1527653184.rsc.cdn77.org

IN A

195.181.164.17
DNS

1527653184.rsc.cdn77.org

Remote address:

1.1.1.1:53

Request

1527653184.rsc.cdn77.org

IN AAAA

Response

1527653184.rsc.cdn77.org

IN AAAA

2a02:6ea0:ca00::3

1527653184.rsc.cdn77.org

IN AAAA

2a02:6ea0:ca00::4

151.101.2.49:443

tls

127 B
40 B
2
1
151.101.66.49:443

cdn.fwupd.org

tls

14.5kB
1.1MB
232
785
151.101.129.91:443

tls

127 B
40 B
2
1
89.187.167.6:443

tls

353 B
5
185.125.188.62:443

tls

135 B
2
185.125.188.62:443

tls

135 B
2
151.101.129.91:443

extensions.gnome.org

tls

4.5kB
224.2kB
75
171
89.187.167.6:443

odrs.gnome.org

tls

10.6kB
1.4MB
193
1036

224.0.0.251:5353

73 B
1
1.1.1.1:53

cdn.fwupd.org

dns

70 B
185 B
1
1

DNS Request

cdn.fwupd.org

DNS Response

151.101.130.49

151.101.194.49

151.101.2.49

151.101.66.49
1.1.1.1:53

cdn.fwupd.org

dns

70 B
233 B
1
1

DNS Request

cdn.fwupd.org

DNS Response

2a04:4e42::561

2a04:4e42:400::561

2a04:4e42:600::561

2a04:4e42:200::561
1.1.1.1:53

1527653184.rsc.cdn77.org

dns

81 B
113 B
1
1

DNS Request

1527653184.rsc.cdn77.org

DNS Response

89.187.167.6

195.181.164.17
1.1.1.1:53

1527653184.rsc.cdn77.org

dns

81 B
137 B
1
1

DNS Request

1527653184.rsc.cdn77.org

DNS Response

2a02:6ea0:ca00::3

2a02:6ea0:ca00::4

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads