4bbf2277a4c31b2ed40a4e9042ad587c0b090cf7632b05626eac62981df2141e | Triage

Sharing

General

Target

4bbf2277a4c31b2ed40a4e9042ad587c0b090cf7632b05626eac62981df2141e.elf
Size

57KB
Sample

240603-be9flsde9y
MD5

97a7e0f4a4ce1461c64eef54494f3504
SHA1

c0a4e17447782add418162901c464853612e08f5
SHA256

4bbf2277a4c31b2ed40a4e9042ad587c0b090cf7632b05626eac62981df2141e
SHA512

d756a62f6c06f6e32fd070e7f755b673481f41cbcc4a4253a654efb3f97b22f73cb72e4327a07517ca3d79546ba3ceb33181cb157623f3b735fbaadc3b956a66
SSDEEP

768:1KaI5mX2sd/9CZuaMnroyvBqmh5Td1rStgVjCvDpwaChIy9GOa/gKYU64DjD+sOn:4e2Y7RvB5hhrStgUuaHBOLt6jD/LC

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  4bbf2277a4c31b2ed40a4e9042ad587c0b090cf7632b05626eac62981df2141e.elf
- Size
  
  57KB
- MD5
  
  97a7e0f4a4ce1461c64eef54494f3504
- SHA1
  
  c0a4e17447782add418162901c464853612e08f5
- SHA256
  
  4bbf2277a4c31b2ed40a4e9042ad587c0b090cf7632b05626eac62981df2141e
- SHA512
  
  d756a62f6c06f6e32fd070e7f755b673481f41cbcc4a4253a654efb3f97b22f73cb72e4327a07517ca3d79546ba3ceb33181cb157623f3b735fbaadc3b956a66
- SSDEEP
  
  768:1KaI5mX2sd/9CZuaMnroyvBqmh5Td1rStgVjCvDpwaChIy9GOa/gKYU64DjD+sOn:4e2Y7RvB5hhrStgUuaHBOLt6jD/LC
Score

9^/10

discovery
- Contacts a large (76767) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1