c83194ccf3a3e96bdb5a9ed28b44c0bfa7193e6a6989db639c248b69c9927767

Analysis

max time kernel
146s
max time network
148s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
23-07-2024 10:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c83194ccf3a3e96bdb5a9ed28b44c0bfa7193e6a6989db639c248b69c9927767.elf
Size

3.9MB
MD5

96dfab1be92c7488d2ae7b1cd3ed756c
SHA1

e5dca68763474fbeca34bc35a29f0066bd26ba35
SHA256

c83194ccf3a3e96bdb5a9ed28b44c0bfa7193e6a6989db639c248b69c9927767
SHA512

2da576fa5f8a95c0890a890d77f2b9d8a5b989884d9ac471bf321886467753765f5e391ac739e2634c400f110befce514c79af02c1ae0af9747514b331387cfe
SSDEEP

98304:utZ+YDjKehPQo1p9uvU8AGK2U+n+DD1Zlc+ONqLsg:ut4EfcnKl0qLs

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 2 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	185.52.0.55
Destination IP	130.61.64.122

/tmp/c83194ccf3a3e96bdb5a9ed28b44c0bfa7193e6a6989db639c248b69c9927767.elf
/tmp/c83194ccf3a3e96bdb5a9ed28b44c0bfa7193e6a6989db639c248b69c9927767.elf
1⤵
PID:1572
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1634
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1634
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1634
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1634
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1635
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1639
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1639
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1639
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1639
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1640
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1641
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1641
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1641
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1641
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1642
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1643
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1643
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1643
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1643
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1644
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1646
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1646
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1646
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1646
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1647
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1648
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1648
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1648
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1648
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1649
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1652
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1652
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1652
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1652
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1653
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1654
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1654
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1654
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1654
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1655
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1656
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1656
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1656
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1656
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1657
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1658
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1658
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1658
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1658
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1659
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1660
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1660
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1660
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1660
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1661
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1683
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1683
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1683
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1683
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1684
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1688
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1688
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1688
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1688
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1689
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1690
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1690
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1690
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1690
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1691
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1692
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1692
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1692
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1692
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1693
- /usr/local/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1694
- /usr/local/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1694
- /usr/sbin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1694
- /usr/bin/timeout
  timeout 2500 ./swgjr
  2⤵
  PID:1694
- - /tmp/swgjr
    ./swgjr
    3⤵
    PID:1695

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads