Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
149s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20240523-en -
resource tags
arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system -
submitted
19/08/2024, 01:27
Static task
static1
Behavioral task
behavioral1
Sample
dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf
Resource
ubuntu2404-amd64-20240523-en
ubuntu-24.04-amd64
2 signatures
150 seconds
General
-
Target
dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf
-
Size
150KB
-
MD5
746586da6ee47b60efa41176202128cb
-
SHA1
63cf25bb5af5ebc7eb80f0a2a65c077d76268d12
-
SHA256
dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5
-
SHA512
c6455507b360dbddc67759785852193d0958ed89ce235a0d38572e91928a543191c7a037d8f70e319878b9147f93ab79dfe6476b2724f0ead34af8831f0dd349
-
SSDEEP
3072:For3xYE/GAc2+Q1pbz7c5V4HBvW5VcSAbvRLTlawuJxL7ETyH5vU4:Crp/GqpjE/4H6c/hXgxhHdL
Score
7/10
Malware Config
Signatures
-
Loads a kernel module 64 IoCs
Loads a Linux kernel module, potentially to achieve persistence
pid Process 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2436 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2441 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2445 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2449 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2453 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2457 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2461 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2466 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2472 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2476 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2480 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2484 Process not Found 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2435 dce7dbf29e3df07a0914a0f6b8d010480842cca8c608cebd5814a04f4d1564f5.elf 2488 Process not Found -
Unexpected DNS network traffic destination 1 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description ioc Destination IP 195.10.195.195