599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683

Analysis

max time kernel
0s
max time network
131s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
10-04-2024 11:09

Target

599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683
Size

27KB
MD5

85f538110d3e59bef69119db03932b16
SHA1

2bc4dfec30893df28357e8affae068b32f0796d8
SHA256

599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683
SHA512

9f68a5c2e65a11729ccbefde48d5de643889eeeaef9868623b8f78d0a71321f8078b7fd96705f50625bda7060a16178312b8dc7edb0a0220bfeed589bd141d7d
SSDEEP

768:ZrD/o+FMXrThYxtuZZTahZbDRSDOfQEd0iFrTvCGCV:x/o+FMXrThYxtyTahZN0iFrTvg

Score

7^/10

Changes its process name 1 IoCs

Processes:

599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683

description	ioc	pid	process
Changes the process name, possibly in an attempt to hide itself	/usr/lib/systemd/systemd-machined	1510	599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683

Creates Raw socket 1 IoCs
Creates a socket that captures raw packets at the device level

Processes:

pid

1511

pid
1511

/tmp/599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683
/tmp/599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683
1⤵
- Changes its process name
PID:1510