Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240221-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2004-amd64-20240221-en, kernel:5.4.0-169-generic, locale:en-us, os:ubuntu-20.04-amd64, system
  • submitted
    18-04-2024 20:11

General

  • Target

    7dca39066597a4dc093b6d31a65ae4e3.elf

  • Size

    45KB

  • MD5

    7dca39066597a4dc093b6d31a65ae4e3

  • SHA1

    50a2113d43f547708893487b29e3cc1eef568ab0

  • SHA256

    7d34f68e05ff02c35610806b8138d2e2c3bd7a2168b2e9c4335af1c38a2ad6a4

  • SHA512

    ffcc149af4d1a19a6ebd97c1d7ef38f8082075dc7e73a292ff8face85778f3aa6f007da9d5ae7677056d76b894bca93d3ead0ad8e8a152da115bcf7b2b227f78

  • SSDEEP

    768:kFsCAjAHYeH0OVnC/I3JcXKcgVgQ9E27PVFrvFb+INmUaD4y8Bj/Ms3IU:kFsCAjAHFHNVnLZ+gV5W0D+INm9D4PLJ

Score
9/10

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Changes its process name 1 IoCs
  • Unexpected DNS network traffic destination 6 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

  • /tmp/7dca39066597a4dc093b6d31a65ae4e3.elf
    /tmp/7dca39066597a4dc093b6d31a65ae4e3.elf
    • Changes its process name
    PID:1475

Network

MITRE ATT&CK Matrix ATT&CK v13
