Analysis

  • max time kernel
    0s
  • max time network
    148s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    28-11-2022 13:32

General

  • Target

    main_10.elf

  • Size

    1.4MB

  • MD5

    edb69c86d16a019821f3b5848cd382bc

  • SHA1

    be6988bc7c1264699d2857f7f5a7baba3aafdcb4

  • SHA256

    fe1884cda10cd6759aa1a9f1b8d3a0fc91136146fdd55c8c31005654e8f86b14

  • SHA512

    935f0f8e44410eb1ec11c52b089b97eeb5e3184c9aeb147ad907be98b91a91c60ec0a6244f70d04d9c7b80f94b72d02c68e9bc69081ba18e9a34cd91afeece38

  • SSDEEP

    24576:8/eSnJey3JiJ8rionE33L3NAFymjFE6/h7shZbtiAz+C66VNFjxEtT6S6yFr5:8V3Drihyxh7shZbtNV6eNtxEh6S6Q5

Score
5/10

Malware Config

Signatures

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory (1 IoC)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/main_10.elf
    /tmp/main_10.elf
    PID:581
    • /bin/sh
      sh -c "php -r \"echo sys_get_temp_dir();\""
      PID:583
    • /bin/sh
      sh -c "cat /etc/machine-id"
      PID:584
      • /bin/cat
        cat /etc/machine-id
        PID:585
    • /bin/sh
      sh -c ls
      PID:591
      • /bin/ls
        ls
        PID:592
        Signature: Reads runtime system information

Network

MITRE ATT&CK Matrix

Replay Monitor

Downloads