a587083ef2c6169e87ba73e9e51f1e78d020b5924e4419fe0ab9527e298562e1

Analysis

max time network
153s
platform
debian-9_armhf
resource
debian9-armhf-20240226-en
resource tags

arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
01-06-2024 12:49

Target

8a804570ec5719b5fe18a0948ea4d915_JaffaCakes118
Size

127KB
MD5

8a804570ec5719b5fe18a0948ea4d915
SHA1

c7da0b4134d8ca1baa2d6a77042c3a1ef9aa0f43
SHA256

a587083ef2c6169e87ba73e9e51f1e78d020b5924e4419fe0ab9527e298562e1
SHA512

e9372a5aacc3fee692d954f61492b1bb217d8398af30d63df9451e1420be8e1b717ad01530a113c9c2c12d4e09acebbda81183169c82e25ea7d1c3237910b608
SSDEEP

3072:1WU8SX5yspNrUfnfYQaaYmn3KxLBatoTuIYn528uh3xM/9m9vn:QSwaaYmyVatoTuFn1uhBM/9aP

Score

9^/10

discovery

Contacts a large (27987) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Unexpected DNS network traffic destination 20 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact