General

  • Target

    ab897157fdef11b267e986ef286fd44a699e3699a458d90994e020619653d2cd.elf

  • Size

    1.6MB

  • Sample

    240615-cfgbwsvhld

  • MD5

    07db7c34621453db287722245085c5b4

  • SHA1

    9d4f2640b89c148e70953d49eb6d7d1867c182d2

  • SHA256

    ab897157fdef11b267e986ef286fd44a699e3699a458d90994e020619653d2cd

  • SHA512

    4346e8ef9ab453a34df3453fe8bbf3b8aa060c608a96ce7d437552f2b35e982ca3f04790d7e90ab0ce3ed147ab7aaf23e54c718db065ae4341d6a7e288de39c5

  • SSDEEP

    49152:oAYTr6WWFg50/5HHuDa9QnXhoyJ2lqjpB:oAYT6qkRHuDbqyFT

Malware Config

Targets

    • Contacts a large number (1708817) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Mark of the Web detected

      This indicates that the page was originally saved or cloned.

MITRE ATT&CK Matrix ATT&CK v13

Tasks