Analysis

  • max time kernel
    150s
  • max time network
    139s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240221-en
  • resource tags

    arch:amd64
    arch:i386
    image:ubuntu2004-amd64-20240221-en
    kernel:5.4.0-169-generic
    locale:en-us
    os:ubuntu-20.04-amd64
    system
  • submitted
    30-04-2024 07:35

General

  • Target

    85d279d80542d801c54a048493b69305.elf

  • Size

    42KB

  • MD5

    85d279d80542d801c54a048493b69305

  • SHA1

    3162d19b9e060c569480f369c30b1a6307e5adb6

  • SHA256

    1f9f7008ad36409ca422c99876387e710a49d744e079f1ced61119fa48bedc60

  • SHA512

    5a59bb5633f1672bdc3d5d3d8cf37ef92381f4e71156e4cf108b9c26215640b16c7e128de4b1d32b865915ee434ead765c5eadf7b30fca6fccd8e35a3a5d346f

  • SSDEEP

    768:+e+6lVsvyW2/EeVe5tFz0wrDlVCBRrozeam/rW/QkXeyR03EDOS2DrRnbcuyD7U5:A6rsn2MR5z04l8BRrf/MoyRCuOvDrRnT

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Unexpected DNS network traffic destination 6 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Changes its process name 1 IoCs
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/85d279d80542d801c54a048493b69305.elf
    • Deletes itself
    • Changes its process name
    • Reads runtime system information
    PID:1463

Network

MITRE ATT&CK Matrix
