Overview

overview

10

Static

static

10

NEAS.NEASN...JC.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    154s
  • max time network
    152s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    13-10-2023 18:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.NEASNEASc140fa10a671261091ee5936bebcd03c41b4beeade6d7967a907eb3c05c339edelfelfelf_JC.elf

  • Size

    64KB

  • MD5

    584e3ef7fc82d5d87535a624686fa2da

  • SHA1

    ff6dcdab6699a048e406dd79e015fae9ca682ef3

  • SHA256

    c140fa10a671261091ee5936bebcd03c41b4beeade6d7967a907eb3c05c339ed

  • SHA512

    e9efa50aa2a66204c38bcf410a2245fadda2548b6da5adc644eabcff534286d6a76ebdd9c7229cce03bbfd31e19bdb9ae51e0641a9d5730076b1e521d761cf4e

  • SSDEEP

    1536:T562r5PIV8g4IVSFRhkiyzxyKu9HBYDlhW7TvOur:tvFzgLVSFDk5zx8Il0fvT

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads runtime system information 9 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/NEAS.NEASNEASc140fa10a671261091ee5936bebcd03c41b4beeade6d7967a907eb3c05c339edelfelfelf_JC.elf
    /tmp/NEAS.NEASNEASc140fa10a671261091ee5936bebcd03c41b4beeade6d7967a907eb3c05c339edelfelfelf_JC.elf
    1⤵
    • Changes its process name
    PID:574

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads