Linux Analysis Report
x86

Overview

General Information

Sample Name:	x86
Analysis ID:	635907
MD5:	bef642eeed970f7c3ee944a513ea4c88
SHA1:	baaa1dc20118f95134cb1ca1fa0c32ad49ed8eeb
SHA256:	10f35885f96f694fbf6239de4f4e400367cdb0201bd6b4a6fa85b3cc609de22e
Infos:

Detection

Mirai

Score:	64
Range:	0 - 100
Whitelisted:	false

Signatures

Multi AV Scanner detection for submitted file

Yara detected Mirai

Machine Learning detection for sample

Uses known network protocols on non-standard ports

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Detected TCP or UDP traffic on non-standard ports

Sample has stripped symbol table

Classification

Signatures

AV Detection

Multi AV Scanner detection for submitted file

Source: x86

Virustotal: Detection: 45%

Perma Link

Machine Learning detection for sample

Source: x86

Joe Sandbox ML: detected

Networking

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36102
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36194
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36228
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36276
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36316
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55232
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36348
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36390
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55258
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55436
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36450
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36738
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36796
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36846
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55504
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36882
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55816
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55840
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36958
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55874
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37056
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37134
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37200
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37254
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56270
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56296
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56314
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37288
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37490
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56452
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56532
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56622
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56694
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56798
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56854
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37586
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38052
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38194
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38350
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38454
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56884
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38542
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57504
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57628
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57674
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57802

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443

Detected TCP or UDP traffic on non-standard ports

Source: global traffic

TCP traffic: 192.168.2.23:35432 -> 190.123.44.199:39497

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 119.48.37.48
Source: unknown	TCP traffic detected without corresponding DNS query: 112.199.58.34
Source: unknown	TCP traffic detected without corresponding DNS query: 112.199.58.34
Source: unknown	TCP traffic detected without corresponding DNS query: 119.48.37.48
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknown	TCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknown	TCP traffic detected without corresponding DNS query: 119.48.37.48
Source: unknown	TCP traffic detected without corresponding DNS query: 8.96.87.23
Source: unknown	TCP traffic detected without corresponding DNS query: 101.211.21.120
Source: unknown	TCP traffic detected without corresponding DNS query: 119.21.212.120
Source: unknown	TCP traffic detected without corresponding DNS query: 31.254.177.252
Source: unknown	TCP traffic detected without corresponding DNS query: 162.189.50.109
Source: unknown	TCP traffic detected without corresponding DNS query: 92.155.50.169
Source: unknown	TCP traffic detected without corresponding DNS query: 1.114.66.222
Source: unknown	TCP traffic detected without corresponding DNS query: 83.164.66.106
Source: unknown	TCP traffic detected without corresponding DNS query: 80.45.115.63
Source: unknown	TCP traffic detected without corresponding DNS query: 19.139.69.139
Source: unknown	TCP traffic detected without corresponding DNS query: 136.163.173.249
Source: unknown	TCP traffic detected without corresponding DNS query: 100.17.171.186
Source: unknown	TCP traffic detected without corresponding DNS query: 2.253.132.212
Source: unknown	TCP traffic detected without corresponding DNS query: 102.143.203.201
Source: unknown	TCP traffic detected without corresponding DNS query: 18.19.199.39
Source: unknown	TCP traffic detected without corresponding DNS query: 117.78.143.153
Source: unknown	TCP traffic detected without corresponding DNS query: 131.130.219.36
Source: unknown	TCP traffic detected without corresponding DNS query: 87.129.46.43
Source: unknown	TCP traffic detected without corresponding DNS query: 72.201.168.50
Source: unknown	TCP traffic detected without corresponding DNS query: 91.78.49.31
Source: unknown	TCP traffic detected without corresponding DNS query: 118.61.172.171
Source: unknown	TCP traffic detected without corresponding DNS query: 117.236.64.119
Source: unknown	TCP traffic detected without corresponding DNS query: 218.55.177.68
Source: unknown	TCP traffic detected without corresponding DNS query: 102.24.47.215
Source: unknown	TCP traffic detected without corresponding DNS query: 70.37.108.135
Source: unknown	TCP traffic detected without corresponding DNS query: 117.182.136.248
Source: unknown	TCP traffic detected without corresponding DNS query: 87.32.147.70
Source: unknown	TCP traffic detected without corresponding DNS query: 155.15.109.18
Source: unknown	TCP traffic detected without corresponding DNS query: 190.247.152.244
Source: unknown	TCP traffic detected without corresponding DNS query: 125.239.28.124
Source: unknown	TCP traffic detected without corresponding DNS query: 131.48.123.198
Source: unknown	TCP traffic detected without corresponding DNS query: 161.184.56.240
Source: unknown	TCP traffic detected without corresponding DNS query: 108.162.204.92
Source: unknown	TCP traffic detected without corresponding DNS query: 147.166.16.121
Source: unknown	TCP traffic detected without corresponding DNS query: 196.134.215.117
Source: unknown	TCP traffic detected without corresponding DNS query: 42.27.39.90
Source: unknown	TCP traffic detected without corresponding DNS query: 58.57.176.45
Source: unknown	TCP traffic detected without corresponding DNS query: 168.229.44.89
Source: unknown	TCP traffic detected without corresponding DNS query: 80.116.246.85
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.87.42
Source: unknown	TCP traffic detected without corresponding DNS query: 135.84.138.222
Source: unknown	TCP traffic detected without corresponding DNS query: 221.54.169.180
Source: unknown	TCP traffic detected without corresponding DNS query: 153.35.145.184

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal64.troj.lin@0/0@0/0

Hooking and other Techniques for Hiding and Protection

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36102
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36194
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36228
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36276
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36316
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55232
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36348
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36390
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55258
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55436
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36450
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36738
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36796
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36846
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55504
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36882
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55816
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55840
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 36958
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55874
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37056
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37134
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37200
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37254
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 55976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56270
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56296
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56314
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37288
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37490
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56452
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56532
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56622
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56694
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56798
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56854
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 37586
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38052
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38194
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38350
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38454
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 56884
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 38542
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57504
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57628
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57674
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 57802

Stealing of Sensitive Information

Yara detected Mirai

Source: Yara match

File source: dump.pcap, type: PCAP

Remote Access Functionality

Yara detected Mirai

Source: Yara match

File source: dump.pcap, type: PCAP

Screenshots

No Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
71.82.186.46	unknown	United States	20115	CHARTER-20115US	false
8.188.166.156	unknown	Singapore	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
222.18.102.174	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
163.69.133.211	unknown	France	17816	CHINA169-GZChinaUnicomIPnetworkChina169Guangdongprovi	false
161.199.170.152	unknown	United States	27311	AS27311US	false
97.195.248.46	unknown	United States	6167	CELLCO-PARTUS	false
167.127.239.68	unknown	United States	11520	ALLSTATE-INSURANCE-COUS	false
115.107.38.68	unknown	China	17488	HATHWAY-NET-APHathwayIPOverCableInternetIN	false
173.66.71.180	unknown	United States	701	UUNETUS	false
24.45.250.77	unknown	United States	6128	CABLE-NET-1US	false
92.184.111.45	unknown	France	3215	FranceTelecom-OrangeFR	false
61.106.99.55	unknown	Korea Republic of	17839	DREAMPLUS-AS-KRLGHelloVisionCorpKR	false
98.112.164.94	unknown	United States	7018	ATT-INTERNET4US	false
223.217.50.228	unknown	Japan	4713	OCNNTTCommunicationsCorporationJP	false
112.183.28.110	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
183.23.36.205	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
161.145.179.44	unknown	United States	263740	CorporacionLaceibanetsocietyHN	false
171.188.4.179	unknown	United States	9874	STARHUB-MOBILEStarHubLtdSG	false
66.126.55.147	unknown	United States	22352	APPLIED-TECHNOLOGYUS	false
206.219.82.9	unknown	United States	6461	ZAYO-6461US	false
1.68.163.174	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
141.89.138.125	unknown	Germany	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
139.182.115.224	unknown	United States	2152	CSUNET-NWUS	false
63.100.146.131	unknown	United States	701	UUNETUS	false
116.40.101.173	unknown	Korea Republic of	17858	POWERVIS-AS-KRLGPOWERCOMMKR	false
166.111.47.118	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
73.99.131.134	unknown	United States	7922	COMCAST-7922US	false
71.75.173.83	unknown	United States	11426	TWC-11426-CAROLINASUS	false
20.231.62.15	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
220.79.231.181	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
130.146.219.140	unknown	Netherlands	6908	DATAHOPDatahop-SixDegreesGB	false
18.252.179.134	unknown	United States	16509	AMAZON-02US	false
174.130.97.135	unknown	United States	7029	WINDSTREAMUS	false
168.5.246.18	unknown	United States	8	RICE-ASUS	false
103.223.165.48	unknown	China	135445	IDNIC-AIRPAY-AS-IDPTAirpayInternationalIndonesiaID	false
63.202.183.61	unknown	United States	7018	ATT-INTERNET4US	false
196.170.140.141	unknown	Togo	24691	TOGOTEL-ASTogoTelecomTogoTG	false
181.45.1.154	unknown	Argentina	27747	TelecentroSAAR	false
206.9.140.116	unknown	United States	5006	VOYANTUS	false
109.174.181.139	unknown	United Kingdom	4589	EASYNETEasynetGlobalServicesEU	false
182.134.160.88	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
95.183.142.116	unknown	Turkey	8517	ULAKNETTR	false
9.100.126.155	unknown	United States	3356	LEVEL3US	false
34.96.75.202	unknown	United States	15169	GOOGLEUS	false
169.80.122.10	unknown	United States	37611	AfrihostZA	false
212.229.189.169	unknown	United Kingdom	6659	NEXINTO-DE	false
193.122.239.176	unknown	United States	31898	ORACLE-BMC-31898US	false
199.98.250.141	unknown	United States	174	COGENT-174US	false
152.247.120.26	unknown	Brazil	26599	TELEFONICABRASILSABR	false
98.175.159.226	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
149.64.54.62	unknown	United States	188	SAIC-ASUS	false
185.91.208.162	unknown	Azerbaijan	198193	ASN-TCABLEES	false
54.109.99.197	unknown	United States	16509	AMAZON-02US	false
91.211.55.231	unknown	Russian Federation	48494	MKNET-ASCZ	false
9.195.199.9	unknown	United States	3356	LEVEL3US	false
114.108.48.50	unknown	Korea Republic of	23563	VITSSEN-SUWON-AS-KRTbroadSuwonBroadcastingCorporationK	false
218.72.121.235	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
18.133.194.252	unknown	United States	16509	AMAZON-02US	false
157.21.250.131	unknown	United States	53446	EVMSUS	false
38.118.59.140	unknown	United States	174	COGENT-174US	false
184.98.240.213	unknown	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
176.86.239.65	unknown	Spain	3352	TELEFONICA_DE_ESPANAES	false
203.101.40.148	unknown	India	24560	AIRTELBROADBAND-AS-APBhartiAirtelLtdTelemediaServices	false
216.137.217.153	unknown	United States	11090	MTAONLINE-ASUS	false
89.67.99.51	unknown	Poland	6830	LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHolding	false
183.152.181.199	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
39.3.14.235	unknown	Japan	4725	ODNSoftBankMobileCorpJP	false
185.203.160.88	unknown	Iran (ISLAMIC Republic Of)	205837	SADADPSP-ASSadadProcessingModernServicesCompanyPJS	false
90.34.68.223	unknown	France	3215	FranceTelecom-OrangeFR	false
187.213.164.208	unknown	Mexico	8151	UninetSAdeCVMX	false
200.172.238.44	unknown	Brazil	4230	CLAROSABR	false
61.73.112.244	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
81.148.253.114	unknown	United Kingdom	2856	BT-UK-ASBTnetUKRegionalnetworkGB	false
45.173.39.97	unknown	Brazil	268790	DEBORAALINEALMEIDA-MEBR	false
131.215.33.187	unknown	United States	31	CITUS	false
112.183.28.147	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
99.55.160.90	unknown	United States	7018	ATT-INTERNET4US	false
108.30.94.26	unknown	United States	701	UUNETUS	false
136.94.212.177	unknown	United States	60311	ONEFMCH	false
115.6.239.91	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
42.170.152.249	unknown	China	4249	LILLY-ASUS	false
77.19.124.127	unknown	Norway	2119	TELENOR-NEXTELTelenorNorgeASNO	false
209.210.62.8	unknown	United States	396033	BFDX515US	false
149.210.46.1	unknown	Greece	29247	COSMOTE-GRCosmoteMobileTelecommunicationsSAGR	false
85.103.175.203	unknown	Turkey	9121	TTNETTR	false
125.137.19.174	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
213.23.15.125	unknown	Germany	3209	VODANETInternationalIP-BackboneofVodafoneDE	false
191.154.239.239	unknown	Colombia	26611	COMCELSACO	false
153.248.18.11	unknown	Japan	4713	OCNNTTCommunicationsCorporationJP	false
179.185.213.56	unknown	Brazil	18881	TELEFONICABRASILSABR	false
84.223.116.24	unknown	Italy	8612	TISCALI-IT	false
94.9.108.60	unknown	United Kingdom	5607	BSKYB-BROADBAND-ASGB	false
203.190.179.96	unknown	Singapore	7552	VIETEL-AS-APViettelGroupVN	false
158.113.125.249	unknown	United States	49278	NORDEFNO	false
42.30.66.52	unknown	Korea Republic of	9644	SKTELECOM-NET-ASSKTelecomKR	false
128.83.226.100	unknown	United States	18	UTEXASUS	false
218.209.89.102	unknown	Korea Republic of	23563	VITSSEN-SUWON-AS-KRTbroadSuwonBroadcastingCorporationK	false
98.67.105.92	unknown	United States	11351	TWC-11351-NORTHEASTUS	false
161.26.142.204	unknown	United States	1916	AssociacaoRedeNacionaldeEnsinoePesquisaBR	false
131.141.109.74	unknown	Canada	74	SSC-299-Z-74CA	false

ID:	635907
Product:	CloudBasic
Start time:	06:58:45
Start date:	30.05.2022
Sample:	x86
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	bef642eeed970f7c3ee944a513ea4c88
SHA1:	baaa1dc20118f95134cb1ca1fa0c32ad49ed8eeb
SHA256:	10f35885f96f694fbf6239de4f4e400367cdb0201bd6b4a6fa85b3cc609de22e
Filetype:	ELF Executable and Linkable format (Linux) (4029/14) 50.16%

Linux Analysis Report x86

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Hooking and other Techniques for Hiding and Protection

Stealing of Sensitive Information

Remote Access Functionality

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report
x86