1d42ab039c8b595671b28dbbc829e97f91a84cc4d1696b137b03cfa1d94f5dae

Analysis

max time kernel
144s
max time network
145s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
26/04/2023, 07:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fuckjewishpeople.x86.elf
Size

91KB
MD5

86af292c49e48e09367306b9d749085a
SHA1

31afbd2d8c8bd1dbdc0fadfd062cf58887feb5e7
SHA256

1d42ab039c8b595671b28dbbc829e97f91a84cc4d1696b137b03cfa1d94f5dae
SHA512

643098efb87cc9c89d61929028c94a2ea8306c44649245764b4aeb790836ee04e579d0bc9360c0e095811d14ecc65316c56ce1270959685d0bdbd3d47df127ff
SSDEEP

1536:p7rHXokXsWFVSzkfLEkZAT5ipG5v3PphauH/jPNlDDUg6I9um2Xj5YZb0e:pcCPOkfQfNipGdPphaE/JVog99um2XFY

Score

7^/10

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	fuckjewishpeople.x86.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	fuckjewishpeople.x86.elf

/tmp/fuckjewishpeople.x86.elf
/tmp/fuckjewishpeople.x86.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:581

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads