Overview

overview

10

Static

static

10

64e8ad7bdd...f0.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    137s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240226-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    17/04/2024, 13:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    64e8ad7bdd21fe97552c76c50fa910c2dc37a3cf9311c087d8fd8cd8f7f48cf0.elf

  • Size

    79KB

  • MD5

    ebd129e0c226285269fc9b76959abe2e

  • SHA1

    00534451bd674427e15b86cfef6105a1625549cf

  • SHA256

    64e8ad7bdd21fe97552c76c50fa910c2dc37a3cf9311c087d8fd8cd8f7f48cf0

  • SHA512

    9518d8fca16c24db7d37cb81806e8d24f0fa512e0be47acad42d97d7da129bcee85588698f6cb81c87fad694e13d60fcaaba6297971c9dde0bc5524c18a0fdea

  • SSDEEP

    1536:DEds2rsO0+F7mxN3iEgm1v4/fUZ0iVsZr8wbZnezSpo6x:wds2rsc7mb7gRfUh8gwbZnTh

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Deletes itself 1 IoCs
  • Enumerates active TCP sockets 1 TTPs 1 IoCs

    Gets active TCP sockets from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/64e8ad7bdd21fe97552c76c50fa910c2dc37a3cf9311c087d8fd8cd8f7f48cf0.elf
    /tmp/64e8ad7bdd21fe97552c76c50fa910c2dc37a3cf9311c087d8fd8cd8f7f48cf0.elf
    1⤵
    • Changes its process name
    • Deletes itself
    • Writes file to tmp directory
    PID:1543

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads