Analysis
- max time kernel: 146s
- max time network: 147s
- platform: ubuntu-20.04_amd64
- resource: ubuntu2004-amd64-20240221-en
- resource tags: arch:amd64, arch:i386, image:ubuntu2004-amd64-20240221-en, kernel:5.4.0-169-generic, locale:en-us, os:ubuntu-20.04-amd64, system
- submitted: 30/03/2024, 02:27
Behavioral task
behavioral1
Sample
fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf
Resource
ubuntu2004-amd64-20240221-en
3 signatures
150 seconds
General
- Target: fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf
- Size: 98KB
- MD5: cdc66da4c5dce819f515426efe4b42c2
- SHA1: eef7fe700252700696aba59df75c9e96332340f6
- SHA256: fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c
- SHA512: 00b6056c616defaa388cf614b0948a3746b0827b770bf633d4e3f4b3b8f5bce85d72e8bfc4e5d5a318c65f4f06221cabec5d27ef077c99d6690d18d7d6a99493
- SSDEEP: 3072:Dk6A8U8UqUjaErZLunCgTiSWTvUXR8ePdaH1nzyWmyezXdKCYdoq:Dm8frga0ZLuHGSWTsXR8adgnzyWmyezq
Score
7/10
Malware Config
Signatures
- Changes its process name (1 IoCs)
  description: Changes the process name, possibly in an attempt to hide itself
  ioc: sshd
  pid: 1485
  Process: fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf
- Reads system routing table (1 TTPs, 1 IoCs)
  Gets active network interfaces from /proc virtual filesystem.
  description: File opened for reading
  ioc: /proc/net/route
  Process: fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf
- Reads system network configuration (1 TTPs, 1 IoCs)
  Uses contents of /proc filesystem to enumerate network settings.
  description: File opened for reading
  ioc: /proc/net/route
  Process: fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf