7d34f68e05ff02c35610806b8138d2e2c3bd7a2168b2e9c4335af1c38a2ad6a4

Analysis

max time kernel
149s
max time network
151s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
18-04-2024 20:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7dca39066597a4dc093b6d31a65ae4e3.elf
Size

45KB
MD5

7dca39066597a4dc093b6d31a65ae4e3
SHA1

50a2113d43f547708893487b29e3cc1eef568ab0
SHA256

7d34f68e05ff02c35610806b8138d2e2c3bd7a2168b2e9c4335af1c38a2ad6a4
SHA512

ffcc149af4d1a19a6ebd97c1d7ef38f8082075dc7e73a292ff8face85778f3aa6f007da9d5ae7677056d76b894bca93d3ead0ad8e8a152da115bcf7b2b227f78
SSDEEP

768:kFsCAjAHYeH0OVnC/I3JcXKcgVgQ9E27PVFrvFb+INmUaD4y8Bj/Ms3IU:kFsCAjAHFHNVnLZ+gV5W0D+INm9D4PLJ

Score

9^/10

discovery

Malware Config

Signatures

Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Changes its process name 1 IoCs

Processes:

7dca39066597a4dc093b6d31a65ae4e3.elf

description ioc pid process

Changes the process name, possibly in an attempt to hide itself a 1475 7dca39066597a4dc093b6d31a65ae4e3.elf

description	ioc	pid	process
Changes the process name, possibly in an attempt to hide itself	a	1475	7dca39066597a4dc093b6d31a65ae4e3.elf

Unexpected DNS network traffic destination 6 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes:

description	ioc
Destination IP	139.99.46.21
Destination IP	139.99.46.21
Destination IP	139.99.46.21
Destination IP	139.99.46.21
Destination IP	139.99.46.21
Destination IP	139.99.46.21

/tmp/7dca39066597a4dc093b6d31a65ae4e3.elf
/tmp/7dca39066597a4dc093b6d31a65ae4e3.elf
1⤵
- Changes its process name
PID:1475

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads