Resubmissions

23-04-2024 13:32

240423-qta9pagf6s 10

07-09-2023 13:24

230907-qnpvwsaa66 10

07-09-2023 13:24

230907-qnfbfsaa63 10

07-09-2023 13:23

230907-qm7djsaa59 10

07-09-2023 12:26

230907-pmkn4she9z 10

Analysis

  • max time network
    151s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    23-04-2024 13:32

General

  • Target

    f60b29cfb7eab3aeb391f46e94d4d8efadde5498583a2f5c71bd8212d8ae92da

  • Size

    276KB

  • MD5

    9a6e4b8a6ba5b4f5a408919d2c169d92

  • SHA1

    9b8523cbf0f3af49dbb1680d53c8fc9b2782bcfc

  • SHA256

    f60b29cfb7eab3aeb391f46e94d4d8efadde5498583a2f5c71bd8212d8ae92da

  • SHA512

    d5fd2334772c18729790ec25b5e3c0ace6353aaa853f60d7e55b13f9b88f49e1dec294c303abc3877894ee8a492fdd1d6a0b951405f1f5a021280ff1c1800670

  • SSDEEP

    6144:XkYUAmEjloym0V80hkRocENCP0RnYtGSoBmb4d3PCBElKb/0FaiFsXWxATqtEvcM:XkYUAmEjloym0V80hkRo/NCP0RnYtGSj

Score
9/10

Malware Config

Signatures

  • Contacts a large (26194) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Unexpected DNS network traffic destination 21 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads