a0feca0dbf4af01c2e2d646017f723aef72b137c7da17b329d6e6886aa073071

Analysis

max time kernel
153s
max time network
147s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
03-09-2023 19:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cundi.x86_64.elf
Size

136KB
MD5

afaef9d9f4d8ef445009fcc41c1ac4e9
SHA1

9b4a4d45b45c843623fe9b6624d970c2ab78a3dc
SHA256

a0feca0dbf4af01c2e2d646017f723aef72b137c7da17b329d6e6886aa073071
SHA512

02d8928a34956dc46443acc9bccc3d6168fc4538ead435cbd643ef8d89f4a72597d5e96c5fe426d520480cca71efe87d31187c6216091771dcf5a122033ddddc
SSDEEP

3072:pGtwnNiaOnUTKFiPT9OSQ7AOaogjV2iZlBWCgPiAJWPdL:pGtwnNiaOnUTwuLyNJWPd

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M}!	596	cundi.x86_64.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/640/cmdline
File opened for reading	/proc/679/cmdline
File opened for reading	/proc/698/cmdline
File opened for reading	/proc/22/cmdline
File opened for reading	/proc/167/cmdline
File opened for reading	/proc/173/cmdline
File opened for reading	/proc/593/cmdline
File opened for reading	/proc/709/cmdline
File opened for reading	/proc/176/cmdline
File opened for reading	/proc/565/cmdline
File opened for reading	/proc/637/cmdline
File opened for reading	/proc/645/cmdline
File opened for reading	/proc/658/cmdline
File opened for reading	/proc/202/cmdline
File opened for reading	/proc/616/cmdline
File opened for reading	/proc/635/cmdline
File opened for reading	/proc/651/cmdline
File opened for reading	/proc/79/cmdline
File opened for reading	/proc/623/cmdline
File opened for reading	/proc/668/cmdline
File opened for reading	/proc/716/cmdline
File opened for reading	/proc/10/cmdline
File opened for reading	/proc/126/cmdline
File opened for reading	/proc/628/cmdline
File opened for reading	/proc/693/cmdline
File opened for reading	/proc/598/cmdline
File opened for reading	/proc/642/cmdline
File opened for reading	/proc/653/cmdline
File opened for reading	/proc/669/cmdline
File opened for reading	/proc/684/cmdline
File opened for reading	/proc/702/cmdline
File opened for reading	/proc/89/cmdline
File opened for reading	/proc/98/cmdline
File opened for reading	/proc/654/cmdline
File opened for reading	/proc/662/cmdline
File opened for reading	/proc/643/cmdline
File opened for reading	/proc/9/cmdline
File opened for reading	/proc/84/cmdline
File opened for reading	/proc/606/cmdline
File opened for reading	/proc/621/cmdline
File opened for reading	/proc/663/cmdline
File opened for reading	/proc/687/cmdline
File opened for reading	/proc/78/cmdline
File opened for reading	/proc/174/cmdline
File opened for reading	/proc/350/cmdline
File opened for reading	/proc/424/cmdline
File opened for reading	/proc/599/cmdline
File opened for reading	/proc/605/cmdline
File opened for reading	/proc/620/cmdline
File opened for reading	/proc/708/cmdline
File opened for reading	/proc/615/cmdline
File opened for reading	/proc/618/cmdline
File opened for reading	/proc/633/cmdline
File opened for reading	/proc/673/cmdline
File opened for reading	/proc/6/cmdline
File opened for reading	/proc/18/cmdline
File opened for reading	/proc/19/cmdline
File opened for reading	/proc/383/cmdline
File opened for reading	/proc/717/cmdline
File opened for reading	/proc/685/cmdline
File opened for reading	/proc/697/cmdline
File opened for reading	/proc/703/cmdline
File opened for reading	/proc/705/cmdline
File opened for reading	/proc/35/cmdline

/tmp/cundi.x86_64.elf
/tmp/cundi.x86_64.elf
1⤵
- Changes its process name
PID:596

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads