fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a

Analysis

max time kernel
2s
max time network
133s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
10-04-2024 15:06

Target

fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
Size

22KB
MD5

aa78b0d9c6351cb664780d9203a331a9
SHA1

5c2aa2735f5c925fd309b41d02f29473448aea68
SHA256

fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
SHA512

3c4c6ca09c87583a405ec02478b02008548748a747cb4375aaea6b7c780dea2230bc2d5502f1d3f14c55890f34703525ee1c08f6bad41e30e52d21cd922e80fa
SSDEEP

384:ImdtpD0ogxSIafTZquZkBgzspIbMCfZSDFM6HlYGxhq0iFBcTjY4Uy:IYtpD0oDZ/IabDRSD2wlYgq0iFDc

Score

7^/10

Changes its process name 1 IoCs

Processes:

fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a

description	ioc	pid	process
Changes the process name, possibly in an attempt to hide itself	pickup -l -t fifo -u	1580	fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a

Creates Raw socket 1 IoCs
Creates a socket that captures raw packets at the device level

Processes:

pid

1585

pid
1585

/tmp/fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
/tmp/fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
1⤵
- Changes its process name
PID:1580