Resubmissions
23-04-2024 13:32
240423-qta9pagf6s 1007-09-2023 13:24
230907-qnpvwsaa66 1007-09-2023 13:24
230907-qnfbfsaa63 1007-09-2023 13:23
230907-qm7djsaa59 1007-09-2023 12:26
230907-pmkn4she9z 10Analysis
-
max time network
151s -
platform
debian-12_armhf -
resource
debian12-armhf-20240221-en -
resource tags
-
submitted
23-04-2024 13:32
General
-
Target
f60b29cfb7eab3aeb391f46e94d4d8efadde5498583a2f5c71bd8212d8ae92da
-
Size
276KB
-
MD5
9a6e4b8a6ba5b4f5a408919d2c169d92
-
SHA1
9b8523cbf0f3af49dbb1680d53c8fc9b2782bcfc
-
SHA256
f60b29cfb7eab3aeb391f46e94d4d8efadde5498583a2f5c71bd8212d8ae92da
-
SHA512
d5fd2334772c18729790ec25b5e3c0ace6353aaa853f60d7e55b13f9b88f49e1dec294c303abc3877894ee8a492fdd1d6a0b951405f1f5a021280ff1c1800670
-
SSDEEP
6144:XkYUAmEjloym0V80hkRocENCP0RnYtGSoBmb4d3PCBElKb/0FaiFsXWxATqtEvcM:XkYUAmEjloym0V80hkRo/NCP0RnYtGSj
Malware Config
Signatures
-
Contacts a large (26194) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Unexpected DNS network traffic destination 21 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.