Analysis

  • max time kernel
    10853s
  • max time network
    151s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20221111-en, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    17-03-2023 09:06

General

  • Target

    x86.elf

  • Size

    113KB

  • MD5

    526fc7839eacdd1dc4696e589b20ebde

  • SHA1

    d4ff7204bc3813286803f9442949f33caf00468a

  • SHA256

    d12b23f4e5e7c85fe5ecea44a23e5b476039649c635227d6b64b6bc1ef1cc226

  • SHA512

    904261f9623737b1fb5ca255c1ad76ab3237e7938ad23de72e9e53c48b990b448fe86964ca53f68f360c93e2ab373516e08916e2f1fd66baa97d6e46e85fbf5a

  • SSDEEP

    3072:kiry859a2ADJf9wHYqbgFFo8+HeAo+TRCm7FnVqfJXFWbNb:T9a2aLqkrMnsm7FnVqfJXFWbNb

Score
9/10

Malware Config

Signatures

  • Modifies the Watchdog daemon (1 TTPs)

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/x86.elf
    /tmp/x86.elf
    • Reads system routing table
    • Reads system network configuration
    PID:603

Network

MITRE ATT&CK Enterprise v6
