921509ff94ac35f4696ec7b13675cec824c50cc4c57ebd3661ad1e01e52d29a6 | Triage

Submit
Reports

Overview

overview

Static

static

botx.x86.elf

ubuntu-18.04-amd64

9

Analysis

max time kernel
0s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
09/09/2022, 17:29

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

botx.x86.elf

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Report Analysis Logs

General

Target

botx.x86.elf
Size

50KB
MD5

1c9ca3ce6e248f2271890543c7fb5182
SHA1

fe89b5fbfdfcb96b91e27733183d1edebad7e993
SHA256

921509ff94ac35f4696ec7b13675cec824c50cc4c57ebd3661ad1e01e52d29a6
SHA512

3fba180d6738bc3fdba1aacd64df14c2c9a6a8d892e501c529047bef78352801fe95bbe634115ec40ca14f1fd77b1b945ac742ebabaedd43dfe692fd1d508511
SSDEEP

768:ap0uCkjQke61gS2Ginxe5u68qu8iK0FvKiBYGlSTBf4WsvKQLDJPZzn:ap0uCkjvRKSbinC0UiBY+Slf4D3LNPR

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (55642) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Processes

/tmp/botx.x86.elf
/tmp/botx.x86.elf
1⤵
PID:572

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy