52555d6d0dcc551861e27d4b46c22e697b0764cae4f5086e38be020f1f43dd8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

220d50d51a92a8fe2a109fc6a92de91b.bin
Size

229KB
Sample

240902-bgkv2axbrl
MD5

29bdd3f7ff3c17d14d1348e7484d84dd
SHA1

f8743d595a997c1b7ea923c51ba5a1eb59f5bff9
SHA256

52555d6d0dcc551861e27d4b46c22e697b0764cae4f5086e38be020f1f43dd8d
SHA512

813addc44708e81f818ef59f525a2ba76f8aa3c43deb5c647e763494f486d355f098bd05aa41c37d975888bc0c44947736c171e622a7c14a15bf0b6848b5b697
SSDEEP

6144:ubJ50WJtC3gzbqvXOLIHdpBuH1rANEWE6Z:ubb03bOdVrWEk

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  1e31df3c8fc2d8fe28fa013f1e69763de76d6792d89a2c75e557926a973659ac.elf
- Size
  
  460KB
- MD5
  
  220d50d51a92a8fe2a109fc6a92de91b
- SHA1
  
  4168b3819ad07c57c6d74006e06a3808ed8b3aa7
- SHA256
  
  1e31df3c8fc2d8fe28fa013f1e69763de76d6792d89a2c75e557926a973659ac
- SHA512
  
  39474f22b2ebaeb9ea2cfeb13d42ad71af075c64129fbdb084b990f8f4a3e21c204e29ef2295b10bd3948d9443ca19b2629cb023f00efb45074e5f2c71a2d988
- SSDEEP
  
  6144:bKtXtvNLljYtt+LMa27C1I4S7SWGpsGJvHK0H9rWgtgp8eXt:bEjLlkoC4AX4q0dXgp8eXt
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Renames itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1