7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532

Analysis

max time kernel
140s
max time network
148s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
20-04-2024 01:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
Size

94KB
MD5

61682f3d6f8a60b2526fbf2e331a44fa
SHA1

287d1364326ea46270e2b46bd3c7c5e04f028ce0
SHA256

7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532
SHA512

275e285d7307cca4a2a8f53db5b4abebccadd7e8f06ff55b71707db195bd103ffc0a3a1dccd0db6b088072152013dc7584a7307018f1c9fa6af0574b08cd5077
SSDEEP

1536:ycIcWeUddgRSfOtWektXFC7rpHQj9In/klDw+uckqr2XPGRw7SPRDmxW:XBoddgRSmtVWXsPpHa9InYvjkXXe2WUx

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	1477	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/93/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1593/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1756/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1772/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1937/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/72/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/2078/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/74/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1689/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1955/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/2018/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/500/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1975/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/2062/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/15/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1033/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1527/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1947/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/2016/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/176/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/497/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1725/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/2053/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/200/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/999/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1616/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/163/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1501/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1936/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1478/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1556/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1410/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1763/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1764/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1935/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/2055/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/8/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/164/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1615/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1634/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1653/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1806/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1977/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/22/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1097/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1518/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1522/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1538/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1625/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1685/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1094/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/17/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1079/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/9/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1709/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1798/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1507/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/444/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1984/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/84/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1611/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/173/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1677/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
File opened for reading	/proc/1724/cmdline	7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf

/tmp/7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
/tmp/7a74f548ee440de4c1d35b891fc609a84f5acf5e8b6841a1001b463c4dc46532.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1477

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads