82408466094a73994c42bd890a9732a9f731474b8d697d845c864fb81727f272 | Triage

Submit
Reports

Overview

overview

Static

static

LinuxTF.elf

ubuntu-24.04-amd64

8

Sharing

General

Target

LinuxTF.elf
Size

1.0MB
Sample

240627-w5175stgqe
MD5

26109e7fce4c8039245b081c641a6431
SHA1

244acb320b2cf22dd82489a271160cc4c427b59e
SHA256

82408466094a73994c42bd890a9732a9f731474b8d697d845c864fb81727f272
SHA512

c72d9373c4cf960bff4ff5317c1d7ed080a57c2be67914294a2ce01918e552d1f7c23e8e7b3d834d712ba480046bf1a9ab51f2b028918df008dbbe58baf5ad83
SSDEEP

24576:RsqZhvnhHXuhshNjm3Bp6gDgR16lwzBWa4wwS49TrHg29XE/PnroyUkNR9:PhvnhHXuhshNjK8AlGWao2royUk

Score

10^/10

botnet linux rootkit

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

LinuxTF.elf

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  LinuxTF.elf
- Size
  
  1.0MB
- MD5
  
  26109e7fce4c8039245b081c641a6431
- SHA1
  
  244acb320b2cf22dd82489a271160cc4c427b59e
- SHA256
  
  82408466094a73994c42bd890a9732a9f731474b8d697d845c864fb81727f272
- SHA512
  
  c72d9373c4cf960bff4ff5317c1d7ed080a57c2be67914294a2ce01918e552d1f7c23e8e7b3d834d712ba480046bf1a9ab51f2b028918df008dbbe58baf5ad83
- SSDEEP
  
  24576:RsqZhvnhHXuhshNjm3Bp6gDgR16lwzBWa4wwS49TrHg29XE/PnroyUkNR9:PhvnhHXuhshNjK8AlGWao2royUk
Score

8^/10

rootkit
- Writes memory of remote process
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy