Type | IOC | Details |
File | e27e6e4010b81be6915cdb5bb225c579 | Path: /root/c_sh |
File | 066ef9ef85f7fd0427f46a287407e038 | Path: /root/config.json |
File | 438e9d2173b891c9268b547d32d57a30 | Path: /root/startup.sh |
Image | felilca/ubuntu:latest | https://hub.docker.com/r/felilca/ubuntu/tags |
IP address | 62[.]80[.]226[.]102 | Attacker’s C2 server |
IP address | 206[.]189[.]165[.]199 | Attacker’s IP address |