Analysis Overview
Score: 7/10
SHA256: 5aac483c19c69a0a438058fa211a4d755d3e4f21d66e6446f2c34256f38c62c6
Threat Level: Shows suspicious behavior
The file 5aac483c19c69a0a438058fa211a4d755d3e4f21d66e6446f2c34256f38c62c6.elf was found to be: Shows suspicious behavior.
Malicious Activity Summary
UPX packed file
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported: 2024-06-07 01:39
Signatures
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-07 01:39
Reported: 2024-06-07 01:42
Platform: ubuntu2204-amd64-20240522.1-en
Max time network: 150s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
Files
N/A