Analysis

  • max time kernel
    0s
  • max time network
    154s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64 arch:i386 image:ubuntu1804-amd64-en-20211208 kernel:4.15.0-161-generic locale:en-us os:ubuntu-18.04-amd64 system
  • submitted
    16-03-2023 07:33

General

  • Target

    e1102ba673a1a82ec70c5b6b20e48af30a6b422670b74cb9c094ca0e12930c4d.elf

  • Size

    92KB

  • MD5

    e80d18ff4aa7463af7d0508271d58fc7

  • SHA1

    5911745e8312bb1087ef791afa00aa072c5ec627

  • SHA256

    e1102ba673a1a82ec70c5b6b20e48af30a6b422670b74cb9c094ca0e12930c4d

  • SHA512

    8e874a19145e39475016c8e57040db4d28bda01e000105abe5c992cde8d3295a19db28e02252628a95fce8506d5a6a1270455c7e44a0fd7c366ba06f9ea64fca

  • SSDEEP

    1536:W7uJtxNeVE8zV7aKlvhE1hmkJ0S36W6bWjK3wyPXfH0mA+KWOXFseaZYxe:4SsVEeVZlpmXJ0O6WpjKgifUm/KWOXFE

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/e1102ba673a1a82ec70c5b6b20e48af30a6b422670b74cb9c094ca0e12930c4d.elf
    • Reads system routing table
    • Reads system network configuration
    PID:580

Network

MITRE ATT&CK Enterprise v6
