General

  • Target

    jade.x86.elf

  • Size

    100KB

  • Sample

    240712-qacy6svbmm

  • MD5

    cef40e9ed7f3b7fbd42c06f98bc78a94

  • SHA1

    ad5c9bdf8c6410a593ffd21355e4f40d9ded9a96

  • SHA256

    7affc30dfd26500d70666f646a34ca05722fd37109f80f2412a230dd5d5b1884

  • SHA512

    961d5fae7b1126a3cc59c08096e092d247521684100d4c8549709e91a98246f1b3dbbcd4ed4367b27cc23847eeccb7ed968af15862d8769af516352afec27b09

  • SSDEEP

    3072:OOS+AxMyDXmaWKq0TNORKMhThWhIwhnoI:CyAmaA0soMhTIZZoI

Targets

    • Target

      jade.x86.elf

    • Size

      100KB

    • Score

      9/10

    • Contacts a large (251599) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence
