Analysis
max time kernel
147s
max time network
149s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags
arch:amd64 arch:i386 image:ubuntu2004-amd64-20240221-en kernel:5.4.0-169-generic locale:en-us os:ubuntu-20.04-amd64 system
submitted
30/03/2024, 02:07
Behavioral task
behavioral1
Sample
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
Resource
ubuntu2004-amd64-20240221-en
3 signatures
150 seconds
General
Target
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
Size
114KB
MD5
8cd2686d55d8abf6c5f626c71d94a8ff
SHA1
0c808f720090c41f1a397360eb66e5a238ad8f73
SHA256
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5
SHA512
c9ffce6fb7b8dc8ac91015452a5927f275994ed27b6fd1c7eb10eeb351d4dd4c16d7676a6a2c9066873163f7519e540b0c7caf186210f52198009ba948e6316f
SSDEEP
3072:d1TYGMLI+pnNPEXR8emVs3woJBhWmkI7w/7H4ob:djYEXR8LohWmkI7w/T4ob
Score
7/10
Malware Config
Signatures
Changes its process name 1 IoCs
description: Changes the process name, possibly in an attempt to hide itself
ioc: sshd
pid: 1477
Process: 43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
description: File opened for reading
ioc: /proc/net/route
Process: 43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description: File opened for reading
ioc: /proc/net/route
Process: 43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf