Overview

overview

10

Static

static

10

0xh0roxxna...lf.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    152s
  • max time network
    148s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20230621-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20230621-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    02/07/2023, 12:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0xh0roxxnavebusyoox86elf.elf

  • Size

    56KB

  • MD5

    6599aed7545666a669955a5dad4ac5d4

  • SHA1

    c85f6bfbf6b126108ad544d99fca4c4acf939ed6

  • SHA256

    ccf9d897245c4fc71a724850cb363851c179ec827f0ef9fa1881de34107969e6

  • SHA512

    8248cd66a75214856ed705f1b590ef82d92279b20224a54e9a2f0f74bf1fb3d2f071607c7385e19c3985b9d806264260d247ad9100b8b9f544e7cf8d4c1ddef5

  • SSDEEP

    1536:CVKFOD7prJkaNup1COy7O/HgeXDaLiwui7EPZP8x9:XFOXprOfPTy7yHgeXDaLru31Q

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads runtime system information 13 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/0xh0roxxnavebusyoox86elf.elf
    /tmp/0xh0roxxnavebusyoox86elf.elf
    1⤵
    • Changes its process name
    PID:599

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads