09647acda8d5539b5e4512db30608a67999b5b40f495b21045ab266acbfd4cce | Triage

Submit
Reports

Overview

overview

9

Static

static

7

09647acda8...ce.elf

ubuntu-24.04-amd64

9

Sharing

General

Target

09647acda8d5539b5e4512db30608a67999b5b40f495b21045ab266acbfd4cce.elf
Size

1.8MB
Sample

240529-bfg3rabh4v
MD5

1cd19f1438dee2c8fe736aea9ea562cf
SHA1

c55f3068be8b4e958c23e3a096889707dbb48670
SHA256

09647acda8d5539b5e4512db30608a67999b5b40f495b21045ab266acbfd4cce
SHA512

5404f96628509d7d01c648c179278638558a4e2c89ab94283d4d5e3ce837858880ea4e887566166e704bcca05fb6b5605f14eb56988fd5122e4cedc79e75604a
SSDEEP

49152:2Co+lP5BThmWS/+9FBZYjJROIvjKV92TGNvd+UfuLFr11dFE8rcC:263BFmWS/+LvueSoPix11I8IC

Score

9^/10

discovery linux motw phishing upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

09647acda8d5539b5e4512db30608a67999b5b40f495b21045ab266acbfd4cce.elf

Resource

ubuntu2404-amd64-20240523-en

discovery motw phishing

ubuntu-24.04-amd64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  09647acda8d5539b5e4512db30608a67999b5b40f495b21045ab266acbfd4cce.elf
- Size
  
  1.8MB
- MD5
  
  1cd19f1438dee2c8fe736aea9ea562cf
- SHA1
  
  c55f3068be8b4e958c23e3a096889707dbb48670
- SHA256
  
  09647acda8d5539b5e4512db30608a67999b5b40f495b21045ab266acbfd4cce
- SHA512
  
  5404f96628509d7d01c648c179278638558a4e2c89ab94283d4d5e3ce837858880ea4e887566166e704bcca05fb6b5605f14eb56988fd5122e4cedc79e75604a
- SSDEEP
  
  49152:2Co+lP5BThmWS/+9FBZYjJROIvjKV92TGNvd+UfuLFr11dFE8rcC:263BFmWS/+LvueSoPix11I8IC
Score

9^/10

discovery motw phishing
- Contacts a large (1280051) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverymotwphishing

© 2018-2024

Terms | Privacy