Analysis Overview
SHA256
8f8f51ed641d67b597e1793576ec67262ab5ee7382e6b3b6f3fd2bfaae7a792f
Threat Level: Likely benign
The file pics.zip was found to be: Likely benign.
Malicious Activity Summary
System Network Configuration Discovery
One or more HTTP URLs in qr code identified
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-05 11:28
Signatures
One or more HTTP URLs in qr code identified
Analysis: behavioral21
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed.jpg
[/tmp/pics/bed.jpg]
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240611-en
Max time kernel
0s
Command Line
Signatures
System Network Configuration Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | /tmp/pics.zip | N/A |
Processes
/tmp/pics.zip
[/tmp/pics.zip]
Network
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/amogus.gif
[/tmp/pics/amogus.gif]
Network
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240729-en
Max time kernel
0s
Max time network
2s
Command Line
Signatures
Processes
/tmp/pics/bean.gif
[/tmp/pics/bean.gif]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bean.gif
[/tmp/pics/bean.gif]
Network
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bear.png
[/tmp/pics/bear.png]
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240729-en
Max time kernel
0s
Command Line
Signatures
System Network Configuration Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | /tmp/pics.zip | N/A |
Processes
/tmp/pics.zip
[/tmp/pics.zip]
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/Thumbs.db
[/tmp/pics/Thumbs.db]
Network
Files
Analysis: behavioral27
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.jpg
[/tmp/pics/bed2.jpg]
Network
Files
Analysis: behavioral30
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.webp
[/tmp/pics/bed2.webp]
Network
Files
Analysis: behavioral32
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.webp
[/tmp/pics/bed2.webp]
Network
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:29
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed.jpg
[/tmp/pics/bed.jpg]
Network
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed.jpg
[/tmp/pics/bed.jpg]
Network
Files
Analysis: behavioral25
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.jpg
[/tmp/pics/bed2.jpg]
Network
Files
Analysis: behavioral26
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.jpg
[/tmp/pics/bed2.jpg]
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
System Network Configuration Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | /tmp/pics.zip | N/A |
Processes
/tmp/pics.zip
[/tmp/pics.zip]
Network
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-armhf-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/amogus.gif
[/tmp/pics/amogus.gif]
Network
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.webp
[/tmp/pics/bed2.webp]
Network
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bean.gif
[/tmp/pics/bean.gif]
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bean.gif
[/tmp/pics/bean.gif]
Network
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bear.png
[/tmp/pics/bear.png]
Network
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bear.png
[/tmp/pics/bear.png]
Network
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.jpg
[/tmp/pics/bed2.jpg]
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/Thumbs.db
[/tmp/pics/Thumbs.db]
Network
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/amogus.gif
[/tmp/pics/amogus.gif]
Network
Files
Analysis: behavioral29
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed2.webp
[/tmp/pics/bed2.webp]
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Command Line
Signatures
System Network Configuration Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | /tmp/pics.zip | N/A |
Processes
/tmp/pics.zip
[/tmp/pics.zip]
Network
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/Thumbs.db
[/tmp/pics/Thumbs.db]
Network
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/Thumbs.db
[/tmp/pics/Thumbs.db]
Network
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Max time network
1s
Command Line
Signatures
Processes
/tmp/pics/amogus.gif
[/tmp/pics/amogus.gif]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral23
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsbe-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bed.jpg
[/tmp/pics/bed.jpg]
Network
Files
Analysis: behavioral20
Detonation Overview
Submitted
2024-11-05 11:28
Reported
2024-11-05 11:28
Platform
debian9-mipsel-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/pics/bear.png
[/tmp/pics/bear.png]