MEDIUM Perl script connecting to network
RESOLVED SECURITY TESTING
ID: #995
|
Created: 2026-01-07 08:44:26
1
Alerts
1
Hosts
3
Files
0
Network
Incident Overview
Process action type = execution AND target process cmd = *socket*connect*sock_stream*, *socket*sock_stream*connect* AND target process name = perl
1
2026-01-07 08:44
Unassigned
XDR BIOC
Execution
Affected Hosts & Users
in-bridge-40\dsst
MITRE ATT&CK Mapping
File Artifacts
3
| File Name | Path | SHA256 | Signature | Verdict | Actions |
|---|---|---|---|---|---|
| timeout | - |
8d21b4cf1b204cc2387377a63c542ecdd0ae0895613db67ceb7da1e253110741
|
SIGNATURE_UNAVAILABLE | UNKNOWN | VT |
| sshd | - |
090ecdb53316ebadc17949e4699540588dcb0896dbb0a8ae93da72a8e20ad781
|
SIGNATURE_UNAVAILABLE | UNKNOWN | VT |
| perl | - |
367271e451185cad9ba61d13aa9bcbc60f880814eb77e171cbecf05f9077badd
|
SIGNATURE_UNAVAILABLE | UNKNOWN | VT |
Network Artifacts
0
No network artifacts found for this incident
Process Artifacts
1
| Process | Command Line | Parent Process | User |
|---|---|---|---|
| timeout |
timeout 2 perl -e use Socket;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"))...
|
sshd | in-bridge-40\dsst |
Registry Artifacts
0
No registry artifacts found for this incident
Analyst Verdict
MEDIUM
- Monitor for similar activity
- Verify remediation complete
Summary
1
Alerts
1
Hosts
3
Files
0
Network
Alert Categories
Execution
Timeline
01-07 08:44:44
Incident Modified
Status or details updated
01-07 08:44:44
Incident Resolved
resolved security testing
01-07 08:44:26
Incident Created
#995 - Perl script connecting to network
01-07 08:44:26
timeout
Verdict: Unknown
01-07 08:44:26
sshd
Verdict: Unknown
01-07 08:44:26
perl
Verdict: Unknown
01-07 08:40:41
Perl script connecting to network
medium - Detected