Overview

overview

10

Static

static

10

4f65bdb5fa...80.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    0s
  • max time network
    151s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    20-03-2023 01:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380.elf

  • Size

    83KB

  • MD5

    e0f4b2c195634626c31fbca8f7ef9a98

  • SHA1

    a093bfbdd3b4a25f8a96d413a601af88d3916450

  • SHA256

    4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380

  • SHA512

    a3f77e2ae9eba60657c4cc4334b02de79b8cc2e8bfaa5d8f9a606fcd9155be625cde2b42e063e7b8b2c0252346be21aa5e71b93e809791f979d4a3166fc861de

  • SSDEEP

    1536:UB7crF7FePF5tZuEqdPUq0aJb9sqx3CjrM3X+uWIr8UmoIYuOVje+ZNne:URQFet5O7dPr0oSwyjr4X+uDnmrYuOVA

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380.elf
    /tmp/4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:595

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads