Overview

overview

9

Static

static

1

a0feca0dbf...JC.elf

ubuntu-18.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a0feca0dbf4af01c2e2d646017f723aef72b137c7da17b329d6e6886aa073071_JC.elf

  • Size

    136KB

  • Sample

    230904-yrzhhaag9y

  • MD5

    afaef9d9f4d8ef445009fcc41c1ac4e9

  • SHA1

    9b4a4d45b45c843623fe9b6624d970c2ab78a3dc

  • SHA256

    a0feca0dbf4af01c2e2d646017f723aef72b137c7da17b329d6e6886aa073071

  • SHA512

    02d8928a34956dc46443acc9bccc3d6168fc4538ead435cbd643ef8d89f4a72597d5e96c5fe426d520480cca71efe87d31187c6216091771dcf5a122033ddddc

  • SSDEEP

    3072:pGtwnNiaOnUTKFiPT9OSQ7AOaogjV2iZlBWCgPiAJWPdL:pGtwnNiaOnUTwuLyNJWPd

Score
9/10
discoverylinux

Malware Config

Targets

    • Target

      a0feca0dbf4af01c2e2d646017f723aef72b137c7da17b329d6e6886aa073071_JC.elf

    • Size

      136KB

    • MD5

      afaef9d9f4d8ef445009fcc41c1ac4e9

    • SHA1

      9b4a4d45b45c843623fe9b6624d970c2ab78a3dc

    • SHA256

      a0feca0dbf4af01c2e2d646017f723aef72b137c7da17b329d6e6886aa073071

    • SHA512

      02d8928a34956dc46443acc9bccc3d6168fc4538ead435cbd643ef8d89f4a72597d5e96c5fe426d520480cca71efe87d31187c6216091771dcf5a122033ddddc

    • SSDEEP

      3072:pGtwnNiaOnUTKFiPT9OSQ7AOaogjV2iZlBWCgPiAJWPdL:pGtwnNiaOnUTwuLyNJWPd

    Score
    9/10
    discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Changes its process name

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks