Overview

overview

10

Static

static

10

db0533432e...ec.elf

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    131s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    22-07-2024 00:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    db0533432eb1071c80086e843a2010ec.elf

  • Size

    1.2MB

  • MD5

    db0533432eb1071c80086e843a2010ec

  • SHA1

    f77840fb1fe66b251b8327544bd52f9dd55b32cc

  • SHA256

    489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907

  • SHA512

    58690d8d6f99f6b30f199b9ec7ce6ee2ec210992fe2b6f159d4c7c45baba772c717d9b771e033b1a65c9ea0a4d66cf10c7d70a783d964fc837d8c556793099e8

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4F2y1q2rJp0:745vRVJKGtSA0VWeosu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/db0533432eb1071c80086e843a2010ec.elf
    /tmp/db0533432eb1071c80086e843a2010ec.elf
    1⤵
    • Loads a kernel module
    PID:2476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    54B

    MD5

    7744dd34a0b8d236cebf250c1b65814e

    SHA1

    7f5daa70901a9cb55386d060c03475c3eec78074

    SHA256

    be4427d08b15e38224130d481523e06e0ca3dfca3435b09bcd0326a337afe704

    SHA512

    4eed794c7abcce8bc622de5c7a1b605cb2a58702e5d1fe4b2d113d06e1d7cfabc2a87dd2ea0a2de31bdaf7aff889e1df8a499003024dda63ede34ad8b424e301

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    1e45e1b3598ec16292269c28b19243f9

    SHA1

    a3b2cb046bccc74dd7a06667f53a97f525fce860

    SHA256

    83ea3bbfc2daeed1029dfc8a37cb3f0d70afdbda48a8e1eb659f605d7bfb8bbf

    SHA512

    d929fa04e2dd9d9ca5471bf7b25a7cf590c1087432ea4e8055e55f288a0587b1bb8e10cf90c8d53353c32a56ed9bdfeb027d841dac3fd98c42665e2f6b5ef8d9

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    53f0d7c537d99b3824f0f99d62ea2428

    SHA1

    fd036c77bc43059b0dfa9067039290b8f17440e5

    SHA256

    aabbb2bd43c0fb27462f139e0274faa6c3a5c6d600e1b2fc6d3c96c18503607e

    SHA512

    f934b9aec051382903f7bf391e6ea8d79771c4d95e804f47ee016b69985af5d651003595dda29c494ab592b0928dca406bdd56fc1352f5d471ab3b86f4dd9813

    Download Submit

  • /tmp/notify.file
    Filesize

    41B

    MD5

    12f6f654d80415d88834a60023651e20

    SHA1

    16d1c7da592af4b1ff561ee77fc341df18640ba4

    SHA256

    a1c6882b5b8a77e7ba3005d3a869119cc278c7f818f2b9ce1ba9edd50a2a6af6

    SHA512

    5327a7be32d959a3b0cdc193f0d7fd2a40719b858ae419b40b3b9ea8fccca4c3b9e52c2e8078f90f696c9f99de290fed4ac2c0719ac065caa4523d0eab50e90b

    Download Submit