ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e

Analysis

max time kernel
147s
max time network
148s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
24-04-2024 08:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

55307e148d1559a7c5b451f18fe2a65d.elf
Size

91KB
MD5

55307e148d1559a7c5b451f18fe2a65d
SHA1

ae2a04408b14a8b20a45e20331f8e3908e6df900
SHA256

ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e
SHA512

9dc7af1e3583b7274f8b0c75cb6570fa43a1b96ba4d8c53be87a95d3bbcc462f225d14deacd58d2abe7a312d8889e6dcb1d59bdbb815c132fc7b198dbd864db7
SSDEEP

1536:oFd1IRgCXUzx7t0fM6lSgcEiyhcgSnyy72wPZnWhZS5xtY+u:oFdmR9XUzxh0fMQSgcEim8yHAdew5bu

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	1577	55307e148d1559a7c5b451f18fe2a65d.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/34/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/115/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/183/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/563/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/674/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/739/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1068/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/29/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/481/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/641/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1165/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1254/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/32/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/20/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/31/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/78/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/81/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/186/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/951/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1084/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/9/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1309/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1380/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1113/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1193/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1182/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/98/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/498/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/656/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/729/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/963/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1124/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1153/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/30/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1302/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1331/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1579/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1189/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/3/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/80/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/326/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1243/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1591/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/2/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/27/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/553/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/21/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1330/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1354/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1569/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1012/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/967/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1145/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1195/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1236/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/1590/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/185/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/461/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/657/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/416/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/23/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/24/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/83/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf
File opened for reading	/proc/184/cmdline	55307e148d1559a7c5b451f18fe2a65d.elf

/tmp/55307e148d1559a7c5b451f18fe2a65d.elf
/tmp/55307e148d1559a7c5b451f18fe2a65d.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1577

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads