24411f85b7107ccac1d54c5c9173c5fc88a1ad01aaddf1a5f5374b4a136ddf33

Analysis

max time kernel
9s
max time network
133s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
01/02/2024, 11:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc393663edc669efeec0e0c54d5c82f9.elf
Size

54KB
MD5

fc393663edc669efeec0e0c54d5c82f9
SHA1

7d6049b194c6dc050a6844ae03f12a996e459eae
SHA256

24411f85b7107ccac1d54c5c9173c5fc88a1ad01aaddf1a5f5374b4a136ddf33
SHA512

7ca8fd5c48d20572bd3e4c5dbd9fc3e1d118a70c5e84f30fca18bbe1514fcbb1039bcb6854cfa3af67707543f0f3cbe7a8113e48f5be4446b7a9fff5e93625e1
SSDEEP

768:FmnthEsW5qnF15RY1dhPe7oXTmcPDj5gk9vWnTI4eBH+4sToQLDKFv:Yn/EsW5qhSh6am0lWnU4GH+dNLY

Score

6^/10

Malware Config

Signatures

Enumerates active TCP sockets 1 TTPs 1 IoCs

Gets active TCP sockets from /proc virtual filesystem.

System Network Connections Discovery

T1049

description	ioc	Process
File opened for reading	/proc/net/tcp	fc393663edc669efeec0e0c54d5c82f9.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/tcp	fc393663edc669efeec0e0c54d5c82f9.elf

/tmp/fc393663edc669efeec0e0c54d5c82f9.elf
/tmp/fc393663edc669efeec0e0c54d5c82f9.elf
1⤵
- Enumerates active TCP sockets
- Reads system network configuration
PID:1541

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

System Network Connections Discovery

T1049

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...