Overview

overview

10

Static

static

10

f111237d03...27.elf

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    20-07-2024 12:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f111237d031ac98043fab31936e5782073e6ac72b4d4e50d3b39d682702fda27.elf

  • Size

    1.2MB

  • MD5

    8bd5139f9d5473e0c09c3cf4ba2b0271

  • SHA1

    045f769ebe934a36d4540eb70241e8f4ae9bbc22

  • SHA256

    f111237d031ac98043fab31936e5782073e6ac72b4d4e50d3b39d682702fda27

  • SHA512

    1dbf99c0315955dba1d515c113de0a0a511bfe28f769425706529f71fb5f356fe22d0579c2a1b3cf79a759f2537eb1cdaa44280e910df3771cb2281a6f5d1d9c

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4D2y1q2rJp0:745vRVJKGtSA0VWeoiu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/f111237d031ac98043fab31936e5782073e6ac72b4d4e50d3b39d682702fda27.elf
    /tmp/f111237d031ac98043fab31936e5782073e6ac72b4d4e50d3b39d682702fda27.elf
    1⤵
    • Loads a kernel module
    PID:2449

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    86B

    MD5

    3a1edb6a1bc37eb12491308c8b44cbfd

    SHA1

    8e53886908f9873cfaf98c8e52d718ce6c38dd43

    SHA256

    ecef42004787b84382fd9259901819624a29f70c21029b19fea917aecb726598

    SHA512

    38ba36282fd911cd486bbd71f02a5e725bd066f27924bb3bb760f8df9ced5259abbad232297ea69615c3686d743d29dd176257a393ae7dde973782d4ed97c692

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    6cd455165a6413ec7cf19488ca44838a

    SHA1

    d5810f05839689c2e35fbf16dc6a3030c9ac4a2e

    SHA256

    8daee42374a208a89fbb370e08b46a2f85d67e07c01d1e5dac6f22deaaf29bcf

    SHA512

    a9f83b845a15cbd5078555e07943b56bcd7e66dcb78d95b952b82b7fcefbbef036359dfc90d88e61e64308937ca5d747ac31b5fb8f3bd5904444ae2f4868003a

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    2dbf21633f03afcf882eaf10e4b5caca

    SHA1

    47c5c6f332aa2d927a70073a43090d99c39fcd83

    SHA256

    b815f5c630593b36d5a838a7d69dfc1a5f78d3d37bf9d4e04c0ba03c97d87fbf

    SHA512

    5124bc517d3578d659221b9b7804fd7f09710b1ddb9e5852fdc9fb5fbe8b4d54e286a82ff93469f82ff4a57bfbd9f98753da4533985af8c88863d9e4e4a7c4bc

    Download Submit

  • /tmp/notify.file
    Filesize

    73B

    MD5

    57a05eb1b9e546f7b6fe40e6c1b2ca18

    SHA1

    5a0362cb9f0aa80fea829c5859dacddade612b3e

    SHA256

    fe9ded9ef6e5e41edf872cda1b684767a660df87b107bd0ea99e307a37b72c9f

    SHA512

    994daaeaeb13b009518cc7199ee85997ced28d39016ff9b38f72f225f03c956d2dcefe5b5ab90b865875957e2e3048531a612eb656c0599c30c04f76ffab8102

    Download Submit