Overview

overview

10

Static

static

10

923497e576...8d.elf

ubuntu-18.04-amd64

9

Analysis

  • max time kernel
    153s
  • max time network
    155s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20230831-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20230831-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    14/10/2023, 15:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    923497e576dd9ae1061d713e3075948d.elf

  • Size

    81KB

  • MD5

    923497e576dd9ae1061d713e3075948d

  • SHA1

    74e316e174439f713e916effc7ac5b0fd359ef55

  • SHA256

    11e8482d50901fca70e20e5c773aeb9a94bc918eb6a9180868fd57d80ab4751f

  • SHA512

    0cd6012f7baf77d059a6300657c762c47a461b68f2ad96c018dff1db6e6fcb5e4d93dbbe7eb6e2f2d4f78e842fcf95e51822c9bcc6127cc94b70dc48db95377e

  • SSDEEP

    1536:BxdeVSDsgyIuj3QMAwdTsymavw1KfW9zYKYWoHkdoTU2V0t:BXWgRuj3Wwhm/Kf61YWOkoQ

Score
9/10
discovery

Malware Config

Signatures

  • Contacts a large (70365) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads runtime system information 15 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/923497e576dd9ae1061d713e3075948d.elf
    /tmp/923497e576dd9ae1061d713e3075948d.elf
    1⤵
    • Changes its process name
    PID:553

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads