Resubmissions
29-05-2024 14:15 | 240529-rktv4shg97 | 7
29-05-2024 08:47 | 240529-kp2ceshg97 | 7
29-05-2024 08:41 | 240529-klkkhaha2s | 7
29-05-2024 08:34 | 240529-kgk1gagg4z | 7
28-05-2024 18:01 | 240528-wmdn5aeb9z | 7
28-05-2024 17:55 | 240528-whpktsfc43 | 7
28-05-2024 15:18 | 240528-spzgtsab21 | 7
28-05-2024 09:15 | 240528-k72e5seg96 | 7
28-05-2024 09:05 | 240528-k19syaef28 | 7
Analysis
max time network: 152s
platform: debian-12_armhf
resource: debian12-armhf-20240418-en
resource tags: arch:armhf image:debian12-armhf-20240418-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
submitted: 29-05-2024 14:15
Static task
static1
Behavioral task
behavioral1
Sample
2855380.bin
Resource
debian12-armhf-20240418-en
General
Target: 2855380.bin
Size: 81KB
MD5: d9f1c1374664aff3f079e7645d61d224
SHA1: c0e6ac232140b20ca176bd68511ac54b66046f0a
SHA256: 354f0aa88985785715e2be41bb2891c014acab3b301935e6037b2e896ccf5f4b
SHA512: 1e1a3d8c35e2a746bdbe55e3b546ab526aae00f87f182638f96c542f775ab8c05accd2a2e53ac6fef8e3b438b9318bd59a7dfd6028b3a2d86c537407b6f2fe72
SSDEEP: 1536:LGnzu1HSKsfXgBhjSgWtarN9v9cfiG2lKwi/IdfnWPY7XjMOdT:nfs/QhjSgWtarN9v9cVBIdfWPAjMKT
Malware Config
Signatures
-
Unexpected DNS network traffic destination 64 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.