Extracted

• • Target

    4f650e278c9d59ef6efdc75a77384e867ea4f3c17246a8ca9869a39d13d55c9a.elf

  • Size

    108KB

  • MD5

    ca596e5f143c1c81edb2dfa71eaa9d4a

  • SHA1

    39089b36abc073e115d76ff499c65d61f19e1784

  • SHA256

    4f650e278c9d59ef6efdc75a77384e867ea4f3c17246a8ca9869a39d13d55c9a

  • SHA512

    1367bbbc3005d27d901515e324b326367eb6386db9e2f1c1c2fc40c5bfc61912e5365d1c4a0f55bd21e9ba8474b3dee919526eea5f333c4380e39e8e30fe23b6

  • SSDEEP

    1536:topgIMlsBMdLON0c5DbsankUCZutejIzSGj2A9OoJ1MN:qpd8s+Luh5DBCR8mQ9EN

  Score

  9^/10

  discoveryrootkit

  • Contacts a large (321631) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Loads a kernel module

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit
  behavioral1