ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac

Analysis

max time kernel
0s
max time network
132s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
10-04-2024 13:21

Target

ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac
Size

30KB
MD5

5ad53b33ee1f7d81e1d7caf31f39ba50
SHA1

e16b9469f265eba6548fb611df157b7eaa073666
SHA256

ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac
SHA512

75043cb71bbdb0636dcaa3a91336c3d484a8f9db258c2c6ce3844e717c03638c931121a64a3dac493de63e1e22ec2011275a4497aa83d12765e1eed28c115ff2
SSDEEP

384:YM1H7n174u6PJOK8Ik161nC3aHx0dGO3ptMyV4M1EPt0iF8v5VhvDllcYN+7:YM9bNio18upXMyU0iFy5Nh87

Score

7^/10

Changes its process name 1 IoCs

Processes:

ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac

description	ioc	pid	process
Changes the process name, possibly in an attempt to hide itself	/sbin/auditd -n	1568	ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac

Creates Raw socket 1 IoCs
Creates a socket that captures raw packets at the device level

Processes:

pid

1569

pid
1569

/tmp/ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac
/tmp/ac06771774538f33b0e95a92ae1a3e8aaf27e188b51700a03c14ca097af09cac
1⤵
- Changes its process name
PID:1568