f2f274fd6ceff9d384e83d48e6922876fe4a75a1334c2b29190cee8887ffb861

Analysis

max time network
154s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
20/06/2024, 03:40

Target

682895d669c00cb40171dccf95804c26d0f621003a1cc92425285ca42d385ae7.elf
Size

71KB
MD5

95cd7abbbc21cfa67316f6f66cfdb7d6
SHA1

a13f71748fd5a16a2d1053f03c6949ecf739f833
SHA256

682895d669c00cb40171dccf95804c26d0f621003a1cc92425285ca42d385ae7
SHA512

2803514af043547e99f3ffc2e1923315982e6bbd72d10b09d57636ebb93f1c1dd60f2ac8f69fe027b7c914097d7a6f05829c5d5922b93b48b8d5c654769fcb73
SSDEEP

1536:tYr4t+G4eCfOJ1zuxiFkmlUmsOAnP8fF5wdjKrRnBUqTAlgcVzf:6r4t+veJLlUp8nGKrdBhTAzf

Score

9^/10

discovery

Contacts a large (93504) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Unexpected DNS network traffic destination 4 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact