376235d13bfafbaf1cf4394f391811efeb3fac70eec0c487f81cd1fd80c8308d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

nuklear.x86.elf

ubuntu-18.04-amd64

9

Analysis

max time kernel
0s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
16/02/2023, 04:55

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

nuklear.x86.elf

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Report Analysis Logs

General

Target

nuklear.x86.elf
Size

24KB
MD5

d9f54d6efe322a17dab5dee2e2296936
SHA1

59477e93284f98bd9fde5d9f86cde1943ecaddd7
SHA256

376235d13bfafbaf1cf4394f391811efeb3fac70eec0c487f81cd1fd80c8308d
SHA512

223a85a4784a705e8ab5e8232e1a0c486bedd78fc9c9be00c74a918f38f37f4c5465903db3429f7147287b3392e67573db29c2744d8d8b5fac3dd1edceec7160
SSDEEP

384:Mczc4LdGAwXfRtDqUGTB9Q9QdVtKp8xMIShF0YEgKOf2L1uUOV7Tr7/CMMUcMhsT:TXdGAwvbDYTBZGuxsj0gtfJdr+EcQXy

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (20110) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Processes

/tmp/nuklear.x86.elf
/tmp/nuklear.x86.elf
1⤵
PID:581

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy