Overview

overview

10

Static

static

10

2ce5eb2235...6d.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    0s
  • max time network
    134s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    21-03-2023 01:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d.elf

  • Size

    91KB

  • MD5

    a4ea13ef051384e3aac26c8bd3a2fb40

  • SHA1

    532bf97ed3feb029c94763ce3abf2cf97dfa1e7c

  • SHA256

    2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d

  • SHA512

    274cf6b7e444435806ff75bc3d847d3ad17c70b7f1da07932ca704f4fefe2d39ebae03af770816e88a6cea9cf3095b9ddc9ff14640e6ef92cb237a871aa67d87

  • SSDEEP

    1536:p7rHXokXsWFVSzkfLEkZAT5ipG5v3CphauH/VPNlDDUg6I9um2Xj5YZb0e:pcCPOkfQfNipGdCphaE/XVog99um2XFY

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d.elf
    /tmp/2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:597

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads