Overview

overview

7

Static

static

1

eda208075a...c2.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    145s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240221-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    24-02-2024 13:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eda208075a9cf7217707debeb60db8c2.elf

  • Size

    86KB

  • MD5

    eda208075a9cf7217707debeb60db8c2

  • SHA1

    4a1437b769d946b50687bc1e85e04cc9cf4eb8c4

  • SHA256

    6a42411e211a741093a68c9ed727277cb59d38820d9b0b67adbb1b2f5a1053ad

  • SHA512

    1261d2cd8ef2d8d21a8652d1349d31451af01a1a9e90f7320867b8121a2c5bc258dc06bc96d0df13b0c5cf8217aad3238f1de09d441e5bf057ecf321d3d216b2

  • SSDEEP

    1536:7Yu1gvrsMcAoaEey6zDoUJxyJauu7hCPfB6eBhnwOv/I2naJRU:7J1g7Ljy6zlxyJu7Q8eBhnwO3Is

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/eda208075a9cf7217707debeb60db8c2.elf
    /tmp/eda208075a9cf7217707debeb60db8c2.elf
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:1591

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads