General

  • Target

    40e557159eecf832ad9a7b55b75f84f3cc3b233844236fc21e693df54e7133e4.elf

  • Size

    65KB

  • Sample

    240213-czmysacd37

  • MD5

    c98cdfb0a4d656b36f20173a875240e2

  • SHA1

    18be9110477cf7a3bf13f63190eadfbd4b0f487c

  • SHA256

    40e557159eecf832ad9a7b55b75f84f3cc3b233844236fc21e693df54e7133e4

  • SHA512

    d4a18a35331626874c917aa37e7c3d2e690f9839c1cd3358f18f6aeb5f05b543d23225d890f3b27934c48fe5991ae1dd075804367c2798734d7d9d8174ceb1f4

  • SSDEEP

    1536:qKi/Cm5y5W/EgoNL9Q3J8limQwUZu4j15IjOeDCIVe2X2SQQRR:/i6Sy5W/va9Q51Rw4vqOACerXD

Score
9/10

Malware Config

Targets

    • Contacts a large (68832) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Renames itself

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
