Overview

overview

10

Static

static

10

b7596ec853...466cbe

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    02-07-2024 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

  • Size

    1.2MB

  • MD5

    a011ae821ae822bade7ef4f396dcc20c

  • SHA1

    dee10d43f35c7a8513f7e2180eada022152081be

  • SHA256

    b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

  • SHA512

    14e3ff9968a4201f56d9b3e14441fa4ab47e3b400bc6d7a02577828d3675aa75810963fb23b8ba718505acd7f8b762124edbb98fb42f7d7ab6c79ea58264bea5

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4r2y1q2rJp0:745vRVJKGtSA0VWeoau9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
    /tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
    1⤵
    • Loads a kernel module
    PID:2447

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    82B

    MD5

    4e1b59ecaba7aec367ecca3166e70fec

    SHA1

    1f0e661c74a5f263038033a4e0a8b449244cf22b

    SHA256

    88f4278f98f1e7dd75321b2cf68d969e2b94961c911c6048f439ec49026bdebb

    SHA512

    0d143b8fb1766b4ecf034225e794f42f931d363ffd3a8a1f6db29819a1aa7dab65f6490883333d233d8031a1ff5d96a600e3e035e86efcea485be5ad354329b1

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    b7fdcd764f6b66a4429c8b34a0f5b93b

    SHA1

    d895c4bdcec5a7e2a1aefb7779be6c5043ca0678

    SHA256

    b88fbbf139f1d5e345113e7210e5be03d4eda4d52aa22c6df4df70fbf2c9659c

    SHA512

    1866feb7fc0d87e9747d67467bc48a3f15e8c96de3e699d1d5d8c5475797ba128ec9ea03a9ef57a28bef2a9443a7a35e502e79d7c0e5d4c4eec3089ecc59a9a9

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    61d77652c97ef636343742fc3dcf3ba9

    SHA1

    4323bf77eeca0bbf71ee86d5531a2fe1cb4e21c3

    SHA256

    f40ddf6742b7761b0f7df1f65a639c4fccc23479c5c4c984885ff588f1dfeb0e

    SHA512

    6cd7e11026c0da9d5932eb0ff37270615677322dc0041742e773cfb492e101c2e4188d77e4ebe2fc7fd859a25fdba75e7d6aa05acb46596da027347f834d4d57

    Download Submit

  • /tmp/notify.file
    Filesize

    69B

    MD5

    c726546814e8a3c06bddf4417585d127

    SHA1

    59dcd57473d230428b86a3ca0a5514877910ae6a

    SHA256

    c8a987df4990d2b05f19b9a597fcf640375aaba1e9b7fae2ce3cda09670998ae

    SHA512

    4c5c537bec2b3c84b609fa76f1c093b9ad6abb456ee10c339cdab2342a60e9a9fa9cb7a3bdd5219f529b572896e868ccd8b824efb8496a564537ff8f40f2db5a

    Download Submit