Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
  • submitted
    30/03/2024, 02:27

General

  • Target

    fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf

  • Size

    98KB

  • MD5

    cdc66da4c5dce819f515426efe4b42c2

  • SHA1

    eef7fe700252700696aba59df75c9e96332340f6

  • SHA256

    fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c

  • SHA512

    00b6056c616defaa388cf614b0948a3746b0827b770bf633d4e3f4b3b8f5bce85d72e8bfc4e5d5a318c65f4f06221cabec5d27ef077c99d6690d18d7d6a99493

  • SSDEEP

    3072:Dk6A8U8UqUjaErZLunCgTiSWTvUXR8ePdaH1nzyWmyezXdKCYdoq:Dm8frga0ZLuHGSWTsXR8adgnzyWmyezq

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf
    /tmp/fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:1485

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads