ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e

Analysis

max time kernel
149s
max time network
148s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
25-04-2024 01:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
Size

91KB
MD5

55307e148d1559a7c5b451f18fe2a65d
SHA1

ae2a04408b14a8b20a45e20331f8e3908e6df900
SHA256

ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e
SHA512

9dc7af1e3583b7274f8b0c75cb6570fa43a1b96ba4d8c53be87a95d3bbcc462f225d14deacd58d2abe7a312d8889e6dcb1d59bdbb815c132fc7b198dbd864db7
SSDEEP

1536:oFd1IRgCXUzx7t0fM6lSgcEiyhcgSnyy72wPZnWhZS5xtY+u:oFdmR9XUzxh0fMQSgcEim8yHAdew5bu

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	1548	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/115/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/644/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/659/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/733/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1114/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1543/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/19/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/26/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1546/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/161/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/470/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1542/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/2/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/79/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/27/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/661/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/673/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/957/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1071/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1201/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/4/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/23/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/82/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/168/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/22/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/80/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1024/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1170/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1179/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/540/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1124/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/608/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/609/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/740/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1278/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1338/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/31/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/163/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/322/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/577/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/974/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1262/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/34/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/36/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/419/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1197/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/7/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/85/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/204/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/491/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1153/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1196/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1388/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/28/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/179/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/466/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1173/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1551/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/8/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/457/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1307/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/30/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1195/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
File opened for reading	/proc/1095/cmdline	ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf

/tmp/ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
/tmp/ba7adfc450545f1c46246c6c695ec02b47794cb2c3f93b23aca0ade2631be45e.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1548

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads