cfd43bea431abcdf8ce5a26db61cf11e87ed904f4d8094c95197d60a913dc930

Analysis

max time kernel
152s
max time network
142s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20230621-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20230621-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
04/08/2023, 02:09

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

x86_64-20230804-0208.elf
Size

40KB
MD5

0a2f23837953cf32ec824c758211d79e
SHA1

6de4df1efb46088a024edfb058de0eb53437c7b8
SHA256

cfd43bea431abcdf8ce5a26db61cf11e87ed904f4d8094c95197d60a913dc930
SHA512

d9d2af69645dbebc72793634ca77d3a710f3d0af94205529164574bc2252f1f6d1d7241332440407c15f8138f9aa0d71a5066178a4c17adb38343b9241366b5d
SSDEEP

768:Z8PHtvWaiKFKcextDHT5rtYECXsBle+gQdWSw1G:aPHV4vxdz5rt4uleBMBw1

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/23/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/253/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/85/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/155/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/168/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/575/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/11/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/14/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/34/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/36/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/606/exe	Process not Found
File opened for reading	/proc/596/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/3/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/17/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/165/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/594/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/29/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/81/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/159/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/287/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/348/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/353/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/354/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/1/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/31/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/169/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/195/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/599/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/381/fd	x86_64-20230804-0208.elf
File opened for reading	/proc/27/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/163/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/162/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/601/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/15/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/28/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/32/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/98/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/2/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/127/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/333/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/335/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/35/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/115/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/157/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/171/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/4/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/5/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/8/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/9/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/229/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/597/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/6/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/30/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/160/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/595/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/166/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/194/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/self/maps	x86_64-20230804-0208.elf
File opened for reading	/proc/22/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/89/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/156/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/24/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/25/cmdline	x86_64-20230804-0208.elf
File opened for reading	/proc/82/cmdline	x86_64-20230804-0208.elf

/tmp/x86_64-20230804-0208.elf
/tmp/x86_64-20230804-0208.elf
1⤵
- Reads runtime system information
PID:599

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads