Linux Analysis Report

Overview

General Information

Analysis ID: 1431797
Infos:
Errors
  • No process behavior to analyse as no analysis process or sample was found

Detection

Score: 0
Range: 0 - 100
Whitelisted: false

Signatures

Detected TCP or UDP traffic on non-standard ports

Classification

Source: global traffic TCP traffic: 192.168.2.20:44188 -> 104.168.45.11:7722
Source: global traffic TCP traffic: 192.168.2.20:52826 -> 198.12.124.76:21425
Source: unknown TCP traffic detected without corresponding DNS query: 94.156.79.129
Source: global traffic HTTP traffic detected: GET /tenda.sh HTTP/1.1User-Agent: Wget/1.17.1 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.79.129Connection: Keep-Alive
Source: global traffic HTTP traffic detected: GET /mips HTTP/1.1User-Agent: Wget/1.17.1 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.79.129Connection: Keep-Alive
Source: global traffic HTTP traffic detected: GET /mpsl HTTP/1.1User-Agent: Wget/1.17.1 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.79.129Connection: Keep-Alive
Source: global traffic DNS traffic detected: DNS query: tcpdown.su@v
Source: global traffic DNS traffic detected: DNS query: daisy.ubuntu.com
Source: classification engine Classification label: unknown0.lin@0/0@7/0