Overview

overview

10

Static

static

10

a46aab76

ubuntu-22.04-amd64

4

chme

ubuntu-22.04-amd64

4

isots

ubuntu-24.04-amd64

6

mctes

ubuntu-18.04-amd64

1

mswc

ubuntu-24.04-amd64

1

netstat.gz

windows7-x64

1

netstat.gz

windows10-2004-x64

1

blue_helper

ubuntu-20.04-amd64

10

kerndiacet

ubuntu-24.04-amd64

10

systemctl

ubuntu-24.04-amd64

3

uptime

ubuntu-22.04-amd64

3

w

ubuntu-22.04-amd64

3

node1

ubuntu-22.04-amd64

1

pasuspende

ubuntu-18.04-amd64

6

pasuspende

debian-9-armhf

6

pasuspende

debian-9-mips

6

pasuspende

debian-9-mipsel

6

systemctl

ubuntu-18.04-amd64

1

uptime

ubuntu-24.04-amd64

3

w

ubuntu-24.04-amd64

3

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20250307-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20250307-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    19/03/2025, 06:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    isots

  • Size

    154KB

  • MD5

    d31d945767dd5a51e78ff0069533635f

  • SHA1

    64665a224f472b07778819f38ff5a300c1712eeb

  • SHA256

    7af5f6cda055b65e31298fe20ed4456a87d2ca92803552bc0d3422f0e1a1fda1

  • SHA512

    8efeb8df05338abbd4305fc48914a91012edc91c2f6423ba59f4e54303c867dc7c5723ee94ade118585aa6965cc888558e699533f4f9d5eeb22e45c57634a628

  • SSDEEP

    1536:lVVZidyDSsOKijSMQHiubRaPuFzbCPopEjApaSH0YnYHAznwfoORW3yfrEjucVBF:fidyKKijokmQPHcpaSHyftW3XUsNTf

Score
6/10
discovery

Malware Config

Signatures

  • Enumerates active TCP sockets 1 TTPs 1 IoCs

    Gets active TCP sockets from /proc virtual filesystem.

    discovery
  • Reads system network configuration 1 TTPs 19 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/isots
    /tmp/isots
    1⤵
    • Enumerates active TCP sockets
    • Reads system network configuration
    • Reads runtime system information
    PID:2542

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads