General
-
Target
8bf7ab2b2b2e480597d6de5b66ddfb89
-
Size
538KB
-
Sample
231222-pmmhpsccf8
-
MD5
8bf7ab2b2b2e480597d6de5b66ddfb89
-
SHA1
43b4518e8ef37221fc0fb7f1ed7c7ff3f52d2549
-
SHA256
19367e7228f26d4e9678aae4c45ac01edf70960495d6d8283b9cf6274e039913
-
SHA512
b51350c51ef56cc22c7acc8dd7baba288b5736d7f47ca9acd10bbc40e28547d650384041fdc18954f0940a6be9a11591297857cd8a4c2f7466af91bc7acb50ab
-
SSDEEP
12288:DQV45hamBFR1tq57RzwnFu8aa8voCuoOVk12k0qBRuIMRAeO2:q4O4vtq5J4zaFACu/U2kgRW2
Static task
static1
Behavioral task
behavioral1
Sample
getroot/full-nelson
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral2
Sample
getroot/go.sh
Resource
win7-20231215-en
Behavioral task
behavioral3
Sample
getroot/go.sh
Resource
win10v2004-20231215-en
Behavioral task
behavioral4
Sample
getroot/hoagie_udpsendmsg
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral5
Sample
getroot/ip_append_data
Resource
ubuntu1804-amd64-20231222-en
Behavioral task
behavioral6
Sample
getroot/k-rad3
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral7
Sample
getroot/linux-gate
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral8
Sample
getroot/mcast_msfilter
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral9
Sample
getroot/prctl_coredump
Resource
ubuntu1804-amd64-20231222-en
Behavioral task
behavioral10
Sample
getroot/prctlpute
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral11
Sample
getroot/ptrace_pokeuser
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral12
Sample
getroot/rds-privesc
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral13
Sample
getroot/udev-141
Resource
ubuntu1804-amd64-20231222-en
Behavioral task
behavioral14
Sample
getroot/vmsplice
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral15
Sample
getroot/vmsplice2
Resource
ubuntu1804-amd64-20231215-en
Behavioral task
behavioral16
Sample
getroot/vmsplice3
Resource
ubuntu1804-amd64-20231222-en
Malware Config
Targets
-
-
Target
getroot/full-nelson
-
Size
10KB
-
MD5
2c4dd980becf98934109ebb0f17baaab
-
SHA1
33acc09c5121318fc310103d7badbaa24bc308cc
-
SHA256
7c3cbabee49073e70ed7713edb158b5761ecfa829499cb240348a9403733e3b5
-
SHA512
5aefa661b9c5c7a25d3d4df2c74979a52c8a8589f0f8162092e7a0e1da0465a22d85fd821a433a9870cdae4dfbe563211bd4d7e26023fede843419616ccd4b90
-
SSDEEP
192:feEgklFWaYk+8t4Yqky+tZkqRqXRrN/x2V:fexklrYCN/tZ4XRrN/xe
Score: 1/10
-
-
Target
getroot/go.sh
-
Size
209B
-
MD5
b1714d537de6ee274a91cb36a7e05474
-
SHA1
6015ca3fcfbe74eecb9013bce63a63ae62ea5100
-
SHA256
70ed5f76524f6217435299f7e07e0305f6a5cdc8850a5bade4d42411fc6c7472
-
SHA512
07d92aa35f3b5553907639d3dc7d588ecdb9ff63a7d09da06d8fdc23a781190782f6fd1bdf191493c966a62603a5fd8a45b9ceb487c898348317873f61c99d58
Score: 3/10
-
-
Target
getroot/hoagie_udpsendmsg
-
Size
9KB
-
MD5
17260fd703b1a28bc9899c7a8e008ecb
-
SHA1
63112a239e06f637a626f12230ba328a24a2e840
-
SHA256
509f8b9f1c5897781ef62c16db0d9d4da3ec0d1cbf7a929e1b43fd562dba409b
-
SHA512
9955140ccf98f560df7f26d8aaa02ea075ccd68886401d3e5ef4529f744aad68a6cfc38f776077129dead82fe9a224b48b01af82d283809d1ee5e42cbf305f6c
-
SSDEEP
96:fD/56GhfiOo1WPBf+VLtOybVKEUmviTCASAy30CY6X8OLh/QP6ahn+PTre0n4w1U:fzwW8VQybEmaTCASAydY5OZ/S2xwMa
Score: 1/10
-
-
Target
getroot/ip_append_data
-
Size
6KB
-
MD5
ffd6b33a6c7697c0e4b584b2915ce44c
-
SHA1
89b92422ba22ccb0759eb878ea020238731c7900
-
SHA256
77a48406489f1b602dfa286f1addbbb1083d2edcd79c19e9c233baadc5ca3113
-
SHA512
583af6eac466785ea3233992d520efa3239e401d227432f71964b0bf656f5ab50b1a82c14f5ae1968ea12dcb176bd16cd40717ab02aed5c851e82e1bf9b93453
-
SSDEEP
96:fCT5Z3As/p62gUiM9Sdy1I17rxPfuQ22222H0ciIlJKjuC3zC9yZ7/icY3c6YLal:foSUQ/AO1kD0czu4yZ7qm6Xn
Score: 1/10
-
-
Target
getroot/k-rad3
-
Size
569KB
-
MD5
0188996f0a3b78bab3054be7ac95d4ae
-
SHA1
2da280d330cc1fcdd213de6b9301850f2654bfea
-
SHA256
c302650d07b24230570d59e5988b4fc07c749a7cb110ea913ae1af72861129f2
-
SHA512
3dfb8e78ee75ff563234a812578481806ae4be144bc350037681ddf772217d523755677ddfa1bc8d83afd61e0384c87dd2eb391aa81cfa96bfec039742b3686b
-
SSDEEP
12288:Tgw6Re9+okw1OTRYsP/Mz/wDAFqstVErLTpjtMqyqkkSJGo:Tgw6RecorcRxP/VKqstVErLTpCpqkNJH
Score: 1/10
-
-
Target
getroot/linux-gate
-
Size
5KB
-
MD5
9e654054624b1556c26f6b7b1532b877
-
SHA1
992e0111ffd093ca9c21f4d9c99d62878e6d5f36
-
SHA256
2154de3be033790fd6b8a34f9bede53168e053a1f492b5ef343ad9983626fd05
-
SHA512
40772d2dcc17748f3d206fe3db8b16daaa6891051540590c079ef4c9a61b3ece7b80adbcf3c0c4d57466e7f24db8c52079b82e8bba2e91ff6965c6ac1661bf74
-
SSDEEP
96:fvvA/G3pSSeTyOaoMl/+c28NlOFC4Xiknihw9WexfhG2:fXAu3pS7GOaoMl/+cxxe9Jn
Score: 1/10
-
-
Target
getroot/mcast_msfilter
-
Size
18KB
-
MD5
585be83c1ee0ad009379369717ba988c
-
SHA1
1a8712007f9ef593044350226b829a9fb25f91ad
-
SHA256
11cd544a84ebfe0f4c26934afc6b5eb63dbc610827dd4ffd43a29835c3196a6c
-
SHA512
fa4816d9b452f0f4a39ef6e9a992d8780c350fa37ac8896961f057d172b648a2e72b6ef0db3d9936660173e06bb37100b654c3463d423715cc44ea7dbba51c25
-
SSDEEP
384:fi6uMdEEHV+rFednYMCQ7UfBXh18I74dOPtpiYbs5tTVdiM:rqoU8a9Q7UVP37JTs5tTVdF
Score: 1/10
-
-
Target
getroot/prctl_coredump
-
Size
8KB
-
MD5
cb956b01b2d8e5038423d5418129f63c
-
SHA1
a01dffb8814a92592cb730246a1b4ae916b4938b
-
SHA256
a74e005a564a2e4d78649f869b59a26b5f5608dcb052a99763522d67077350ef
-
SHA512
105d50f9593bc80dedc24bd34c1a35c405595f2f14ae66d45179740952c4c17b714a1a7abf6f9e113e766e4b30fe0c94aed15a5bea7c19026f28385afc2f00ea
-
SSDEEP
192:fcw+CM40opsPCULU65KbdnMncAWjyP5LfUu0P:fdmDU65KbdnGMj65LfUuu
Score: 1/10
-
-
Target
getroot/prctlpute
-
Size
7KB
-
MD5
8ec87dac0c793ad73adf2d679a28d069
-
SHA1
dab3078bba3dd0328bbaee9f73d24765fec8c8c5
-
SHA256
cd701f7e6c4ed0f03ceace516417ec477dff6bbf2417041e4c087e4baef91502
-
SHA512
4e7281959bd32b5a9475fc69170198c72b34e2f036f8560aecdd4109e8ca7d6b2439fcc1cf77a0e0685f69c050706bb492e2cb35bd4b8514aa8883f9f7d3d84d
-
SSDEEP
96:fUChVNWnBEscNMbD4I7pstIPj/f2sSUIc6SaiuaDirBKCRdQV+V5V3afOG+G:fHziBE8Dy2l9Ic6BKCRdQe5V9g
Score: 1/10
-
-
Target
getroot/ptrace_pokeuser
-
Size
9KB
-
MD5
898dde6afb3142e607528359b0935e9e
-
SHA1
237fc44013a1975c4da3eda5a3dee150b6d21b3b
-
SHA256
5e440444f93a5ab3f5b945e8bc57b7ee9713b0617d67862014e6616b4dbb0a75
-
SHA512
08badd3a4f7536df24a46d589aa1ee9dabd114da8f42013d1db72517d282d0de89199fd83cfb471a98bda947b484c52fe582240993b1995ae146cde61e9e5707
-
SSDEEP
192:GXH+juafdgFsjLdvkscNvT1sZlLXWPSWenBx:sQfdfjhcscNNPS5
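Score: 7/10
Traces itself
Traces itself to prevent debugging attempts. This is a sandbox behavioral signature; given the sample's name, the ptrace activity may be part of the program's own function rather than anti-debugging, so confirm against the behavioral report before treating it as evasion.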
-
-
-
Target
getroot/rds-privesc
-
Size
11KB
-
MD5
2851430aa56a27c2069463784edec7d1
-
SHA1
60a79d0e87dab83bef8622eb652e5161364648cb
-
SHA256
ee7a6c5fd482177406dae58eb250fa00ca7f30faba58bf79de15aea807fee991
-
SHA512
99a123955c2302ecb050fa4edf51dd127faa4eb9df5b810056cfc3a3530a4500602da3907fbe887143653d5634f6678ba1f25c5fe55f2bc0b69333f194c5aa8d
-
SSDEEP
192:fnKmDTbYPwzWqs3LQ+SEptNFytZeLkn30U:fdMP95bQ1tZe4nj
Score: 1/10
-
-
Target
getroot/udev-141
-
Size
7KB
-
MD5
4c62967a90dc9a96cb95dbf0085e08b1
-
SHA1
e54ff90c390006113ccb8f056eb540d6508286df
-
SHA256
b1270e43968880be67b8a03e51df4f6c7fff525fb43033bae06b2a76f3a40f1c
-
SHA512
7128d578b6c296b188a43661cbef2e737f1bebe89d3edccf60c9c03f130e052ca9c4061433537b5bfca69a9edb55890e207d8b7891b9a802cf8845c48b75f9d5
-
SSDEEP
96:fNarj1Kbz9K+R/Y9pr7OCtjt30mnqvG2LhhGd5ZorT+cevr3Pyx2WFH:ffKpr7OqtZug2dR
Score: 1/10
-
-
Target
getroot/vmsplice
-
Size
10KB
-
MD5
24075f37b686e462638ff008e261dc39
-
SHA1
7477a848d8ffffffac275f6e94c1b47f8992466a
-
SHA256
dcb93f8437020f853fb42a3f1e248514efda6a7698addee235e2d3edfdf79b95
-
SHA512
f9a8b281588778ce6db8ce8f7e93457092552669adcb0fa38d4d8bdc3aa41e773150a9204721178462ef6e66890b702ba143b664ff020e4488e65f5a8df56715
-
SSDEEP
192:fX3ETppMpO84pdPLzY2opJ/c50swALbYvB:fX3ETTSennpopFG0xAQ
Score: 1/10
-
-
Target
getroot/vmsplice2
-
Size
511KB
-
MD5
ad297e8562bbb3e52187379c87264781
-
SHA1
745e3c9509099d13c487455529bf6aea9f5fa29e
-
SHA256
64a903f40c608b08c1e3ac16f32a66d87244f4de8c93700300387697a6de9a19
-
SHA512
d061e1484e6973a2a280a7658650230c41f8e8ba38906fab8c2e09421f00bce8c806ec226c34dc97f4227cd1b3fdfa54a34011184e41cf9cb4b496963936f3d1
-
SSDEEP
12288:9Ne0WEtAFPRimzv8dnqHP/7lWo362fkskSsdW:9cjQAFPRiXdnqHPBjKkksNsM
Score: 1/10
-
-
Target
getroot/vmsplice3
-
Size
8KB
-
MD5
cf6c56ba83b118b59339fd973facc936
-
SHA1
dc5c121f2f9943df69c40e73e8458e44f1d460b3
-
SHA256
7b034d75f9140be299d7731c2e51c3b81d0aa3f0b23b3c1744860f258f7a6eda
-
SHA512
762a20f9689d8ea846e1fbd878534394af7b68308dd169480025fd569d9bc9d42bf2032f50679443b529c3d9aaec442a394b4934849865235f145833b6fdd232
-
SSDEEP
96:fXNbIW9p649cDWhMRP1SiNgo55CmWr2TBDecWNnWplC43iwZ4DM6bQ+utG4+8f05:fXRXp6Ecq+EiSXB2lDecUi+ZxGQ5
Score: 1/10