Overview

overview

7

Static

static

1

NEAS.53f70...fc.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    154s
  • max time network
    162s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231026-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231026-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    12-11-2023 18:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.53f70c8b3c7c3713952967759e4a57c36924e1e41a5ea8a09e83cd42e448c1fc.elf

  • Size

    39KB

  • MD5

    fa5668b8bab2abef2593f83e14949b33

  • SHA1

    3e01e7aece2c67096837be77f319ec5ae438f9ff

  • SHA256

    53f70c8b3c7c3713952967759e4a57c36924e1e41a5ea8a09e83cd42e448c1fc

  • SHA512

    dd61692e96518f7412660e270a5fcf074f8418f923698af9eafbbb1bf369b996354ed7c973dea4c691f590681f86ffa997f09a2dea5d02d0b5e9598df82a0d36

  • SSDEEP

    768:Bou9N6ev/7GU4HNtUnfzJJauH3jPYW6TCfBE237ME1oMNWd2+UAnbcuyD7UryqIQ:Su76oSU4tttkrEfQ1oMQtnouy8mqIHZW

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/NEAS.53f70c8b3c7c3713952967759e4a57c36924e1e41a5ea8a09e83cd42e448c1fc.elf
    /tmp/NEAS.53f70c8b3c7c3713952967759e4a57c36924e1e41a5ea8a09e83cd42e448c1fc.elf
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    • Reads runtime system information
    PID:1528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads