HIGH Process Injection - 288965039
Detected (Reported)
ID: #6750
|
Detected: 2026-01-05 13:06:08
|
Malware
Alert Overview
Shared object injection using LD_PRELOAD on a shell command
Unclassified
XDR Agent
New
DS:PANW/XDR Agent
DOM:Security
Host Information
Process Information
Process Execution
Actor Process (Executor)
| Process Name | sshd |
|---|---|
| Path | /usr/sbin/sshd |
| PID | 89954 |
| SHA256 |
4cc983fa8f3a26626981dbbe79113348fb86cca3ec426f6af5fabd08215fd5e1
VT
|
| MD5 | 6abd5bb3990d37d6ad2027f5a155af22 |
/usr/sbin/sshd -DParent Process (Causality)
| Process Name | sshd |
|---|---|
| Path | /usr/sbin/sshd |
| SHA256 |
4cc983fa8f3a26626981dbbe79113348fb86cca3ec426f6af5fabd08215fd5e1
VT
|
/usr/sbin/sshd -DMITRE ATT&CK Mapping
Severity Analysis
HIGH
High priority investigation needed
Summary
Events
1
IP Addresses
1
Tags
2
File Artifacts
Yes
Network Artifacts
No
Registry Artifacts
No
Analyst Verdict