e52f27f717dba9f328981075c0f26aa2f0310ac3077b0e9ec56629f25775105f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e52f27f717dba9f328981075c0f26aa2f0310ac3077b0e9ec56629f25775105f.elf
Size

95KB
Sample

240510-kctf2sga88
MD5

60ce890d052ee00913e045158a95e198
SHA1

848f6aaeb7acffa8dc0d565f3de9cd09bde4350c
SHA256

e52f27f717dba9f328981075c0f26aa2f0310ac3077b0e9ec56629f25775105f
SHA512

3d4cc44a7f7617054652062ab0a5024b1a4e27350e3bc98269f9da7c83cc98a5fe8b1ef7a9861c2d95d2b19fe16c5f414bc167332a9401eec66e3546fcb36d13
SSDEEP

1536:QanyyyZqStEwOtH0pe3lAL766OP9i5aUR669AEsx2eilHGi6JnXzUeZNYkRDk:AaKEwMiL7664i5aUR669AEFRyJXzUeZG

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  e52f27f717dba9f328981075c0f26aa2f0310ac3077b0e9ec56629f25775105f.elf
- Size
  
  95KB
- MD5
  
  60ce890d052ee00913e045158a95e198
- SHA1
  
  848f6aaeb7acffa8dc0d565f3de9cd09bde4350c
- SHA256
  
  e52f27f717dba9f328981075c0f26aa2f0310ac3077b0e9ec56629f25775105f
- SHA512
  
  3d4cc44a7f7617054652062ab0a5024b1a4e27350e3bc98269f9da7c83cc98a5fe8b1ef7a9861c2d95d2b19fe16c5f414bc167332a9401eec66e3546fcb36d13
- SSDEEP
  
  1536:QanyyyZqStEwOtH0pe3lAL766OP9i5aUR669AEsx2eilHGi6JnXzUeZNYkRDk:AaKEwMiL7664i5aUR669AEFRyJXzUeZG
Score

9^/10

discovery
- Contacts a large (75417) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1