Analysis Overview
score
10/10
SHA256
037cdd6b525ec7f5c3614e888eb6a93fb8c8d7568921c212ba0f9278ffd90c81
Threat Level: Known bad
The file dotnet.x86 was found to be: Known bad.
Malicious Activity Summary
Mirai family
Changes its process name
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-05-21 15:05
Signatures
Mirai family
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-21 15:05
Reported
2024-05-21 15:07
Platform
ubuntu2004-amd64-20240508-en
Max time kernel
143s
Max time network
150s
Command Line
[/tmp/dotnet.x86]
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | N/A | /tmp/dotnet.x86 | N/A |
Processes
/tmp/dotnet.x86
[/tmp/dotnet.x86]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 85.192.40.113:61231 | tcp | |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp | |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
| NL | 85.192.40.113:61231 | tcp | |
| NL | 85.192.40.113:61231 | tcp |
Files
N/A