Analysis
-
max time kernel
149s -
max time network
139s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240221-en -
resource tags
-
submitted
22/04/2024, 06:58
General
-
Target
223af080f99c11e41c400f2de273964e.elf
-
Size
160KB
-
MD5
223af080f99c11e41c400f2de273964e
-
SHA1
ece25a4b9000346df0d2fe815ddd8f69a355d21c
-
SHA256
b1517ac7f45bc077d52e9fa942a330ad1482fa01fbbad595d39c2f518318346a
-
SHA512
53317383d9280aebfc780041bea077c14d4b98fcf1058efef2e97c77cfaf6eadd6b1a16cff37e4e87f1b35c5dbb33f08166888a36a35934196e00ec8cdc98607
-
SSDEEP
3072:AJQXr81LuRI084p/TiALwy+ZjWnHwGr1j/bR1:AmXrSLi+ZKn/L
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 1 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Enumerates active TCP sockets 1 TTPs 1 IoCs
Gets active TCP sockets from /proc virtual filesystem.
-
Changes its process name 1 IoCs
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/223af080f99c11e41c400f2de273964e.elf/tmp/223af080f99c11e41c400f2de273964e.elf1⤵
- Enumerates active TCP sockets
- Changes its process name
- Reads system network configuration