3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb

Analysis

max time kernel
149s
max time network
148s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
25-04-2024 01:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
Size

140KB
MD5

a297b53ebc020b71cb16439b8dc70e77
SHA1

227b7213e919828c4ba4bd5fb5c439ffd946d945
SHA256

3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb
SHA512

32923b8c8d5c19fc3207ee6449322b28b2a0934cbf59e5d2412a71c964aa65d5f817ffef9fafcbc25df07cb0da9d8b7dc6daff271f293a165ecbea3382a3fa31
SSDEEP

3072:mTUTfCdO6FFtoqU6EwKhc/t/ekNaogMewcgsK027uYOlR:mTUTfCdO6FFtoqzwwQdVR

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	1463	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/1955/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/22/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/2005/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/693/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/455/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/943/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1401/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1480/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1506/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1995/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/201/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1986/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/92/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/170/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1410/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/82/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/171/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/176/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1588/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/86/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1969/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/174/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/802/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1587/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1630/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/6/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1722/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/484/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/827/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1745/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1874/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/70/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1530/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1116/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1103/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1590/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1947/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1043/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1408/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1873/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1956/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/2/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1443/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1411/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/2020/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/164/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/616/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1721/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1923/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1967/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1117/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1912/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1959/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/23/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/2032/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1652/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1643/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1791/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1634/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1109/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/898/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1502/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/671/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
File opened for reading	/proc/1734/cmdline	3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf

/tmp/3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
/tmp/3c7208b677715b56e5bddf31b58504c0a123118cb5b862b54cbef37ca9098bdb.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1463

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads