f5968ced46e935dbe5f5e82dc635dc85090b3edf17e399edd40474a69ce5be8e

Resubmissions

03/03/2024, 07:54

240303-jr1m8sga65 7

29/05/2023, 10:54

230529-mzjapsbd57 7

Analysis

max time kernel
20s
max time network
20s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
03/03/2024, 07:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

x86_64.elf
Size

135KB
MD5

19a13206cf7155c2cca692efa200a932
SHA1

80bb6a35968b732d3f34d766c0d4532e27846dff
SHA256

f5968ced46e935dbe5f5e82dc635dc85090b3edf17e399edd40474a69ce5be8e
SHA512

fe6357c7a08d4113bb2a9dde0f81a4039433b48c93f7745401df141e7bf546c4af4ed557baaf48b5e8a0082492e153817ab2cc8bd39a9f768fc57578224a5b3d
SSDEEP

3072:tWUl6QrrF2YubVyBXdqoo161Iw4jLGilY1Zul8ouG:tWUlBrrl/u5Y8d

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself		1478	x86_64.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/74/cmdline
File opened for reading	/proc/89/cmdline
File opened for reading	/proc/1111/cmdline
File opened for reading	/proc/3/status
File opened for reading	/proc/439/status
File opened for reading	/proc/478/status
File opened for reading	/proc/5/cmdline
File opened for reading	/proc/1473/cmdline
File opened for reading	/proc/10/status
File opened for reading	/proc/562/status
File opened for reading	/proc/1032/status
File opened for reading	/proc/161/cmdline
File opened for reading	/proc/808/cmdline
File opened for reading	/proc/1085/cmdline
File opened for reading	/proc/1421/status
File opened for reading	/proc/640/cmdline
File opened for reading	/proc/1858/status
File opened for reading	/proc/1917/status
File opened for reading	/proc/852/status
File opened for reading	/proc/1104/status
File opened for reading	/proc/159/cmdline
File opened for reading	/proc/1171/cmdline
File opened for reading	/proc/173/status
File opened for reading	/proc/2070/cmdline
File opened for reading	/proc/800/status
File opened for reading	/proc/167/cmdline
File opened for reading	/proc/176/cmdline
File opened for reading	/proc/1464/cmdline
File opened for reading	/proc/517/cmdline
File opened for reading	/proc/952/cmdline
File opened for reading	/proc/1032/cmdline
File opened for reading	/proc/85/status
File opened for reading	/proc/172/status
File opened for reading	/proc/638/status
File opened for reading	/proc/923/status
File opened for reading	/proc/911/cmdline
File opened for reading	/proc/1076/cmdline
File opened for reading	/proc/637/status
File opened for reading	/proc/1036/status
File opened for reading	/proc/1423/status
File opened for reading	/proc/86/cmdline
File opened for reading	/proc/532/cmdline
File opened for reading	/proc/1422/cmdline
File opened for reading	/proc/1980/status
File opened for reading	/proc/21/status
File opened for reading	/proc/559/status
File opened for reading	/proc/162/cmdline
File opened for reading	/proc/1983/status
File opened for reading	/proc/971/cmdline
File opened for reading	/proc/2/status
File opened for reading	/proc/1420/status
File opened for reading	/proc/391/cmdline
File opened for reading	/proc/606/cmdline
File opened for reading	/proc/242/status
File opened for reading	/proc/536/cmdline
File opened for reading	/proc/1779/cmdline
File opened for reading	/proc/164/status
File opened for reading	/proc/2062/status
File opened for reading	/proc/1413/cmdline
File opened for reading	/proc/1982/status
File opened for reading	/proc/2067/cmdline
File opened for reading	/proc/176/status
File opened for reading	/proc/971/status
File opened for reading	/proc/77/cmdline

Windows 7 deprecation

Loading Replay Monitor...

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads