Analysis

  • max time kernel
    3s
  • max time network
    101s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20221111-en, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    18-04-2023 08:33

General

  • Target

    x86_32.elf

  • Size

    41KB

  • MD5

    d17d0aeca4c91e21ac78e70a74794f57

  • SHA1

    cd81c48088fcabe8176d19d772edfef2573e117a

  • SHA256

    c0686c3b7785e1f28d50c84ccc193659807141c6bb5f71f07e23f78f68de66e7

  • SHA512

    284c8ee38fe8dc0a684fbd0fe1da053bf7274a58be951a96677254b425abcb31ec06ec28aa44b0f4bd3467527ab86001301de8ac9b1a3a9ac61d965b935dc9e0

  • SSDEEP

    768:JcHCvhe199DnS3BjzjiIp6kAKgcKoLIC878SzYIJ:JcH0e199DSRJpgKgcTLIp8SzY

Score
5/10

Malware Config

Signatures

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/x86_32.elf
    /tmp/x86_32.elf
    1⤵
      PID:586
    • /bin/sh
      sh -c "mkdir /sig2envn83/ && >/sig2envn83/sig2envn83 && cd /sig2envn83/ >/dev/null"
      1⤵
        PID:589
        • /bin/mkdir
          mkdir /sig2envn83/
          2⤵
          • Reads runtime system information
          PID:590
      • /bin/sh
        sh -c "mv /tmp/x86_32.elf /sig2envn83/sig2envn83 && chmod 777 /sig2envn83/sig2envn83 >/dev/null"
        1⤵
          PID:591
          • /bin/mv
            mv /tmp/x86_32.elf /sig2envn83/sig2envn83
            2⤵
            • Reads runtime system information
            PID:592
          • /bin/chmod
            chmod 777 /sig2envn83/sig2envn83
            2⤵
              PID:593
