MEDIUM Perl script connecting to network
RESOLVED SECURITY TESTING
ID: #1183
|
Created: 2026-01-10 12:34:05
1
Alerts
1
Hosts
3
Files
0
Network
Incident Overview
Process action type = execution AND target process cmd = *socket*connect*sock_stream*, *socket*sock_stream*connect* AND target process name = perl
1
2026-01-10 12:38
Unassigned
XDR BIOC
Execution
Affected Hosts & Users
in-bridge-40\dsst
MITRE ATT&CK Mapping
File Artifacts
3
| File Name | Path | SHA256 | Signature | Verdict | Actions |
|---|---|---|---|---|---|
| timeout | - |
8d21b4cf1b204cc2387377a63c542ecdd0ae0895613db67ceb7da1e253110741
|
SIGNATURE_UNAVAILABLE | UNKNOWN | VT |
| sshd | - |
090ecdb53316ebadc17949e4699540588dcb0896dbb0a8ae93da72a8e20ad781
|
SIGNATURE_UNAVAILABLE | UNKNOWN | VT |
| perl | - |
367271e451185cad9ba61d13aa9bcbc60f880814eb77e171cbecf05f9077badd
|
SIGNATURE_UNAVAILABLE | UNKNOWN | VT |
Network Artifacts
0
No network artifacts found for this incident
Process Artifacts
1
| Process | Command Line | Parent Process | User |
|---|---|---|---|
| timeout |
timeout 2 perl -e use Socket;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"))...
|
sshd | in-bridge-40\dsst |
Registry Artifacts
0
No registry artifacts found for this incident
Analyst Verdict
MEDIUM
- Monitor for similar activity
- Verify remediation complete
Summary
1
Alerts
1
Hosts
3
Files
0
Network
Alert Categories
Execution
Timeline
01-10 12:38:11
Incident Modified
Status or details updated
01-10 12:38:11
Incident Resolved
resolved security testing
01-10 12:34:05
Incident Created
#1183 - Perl script connecting to network
01-10 12:34:05
timeout
Verdict: Unknown
01-10 12:34:05
sshd
Verdict: Unknown
01-10 12:34:05
perl
Verdict: Unknown
01-10 12:32:28
Perl script connecting to network
medium - Detected