Overview

overview

10

Static

static

10

jade.x86.elf

ubuntu-24.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    jade.x86.elf

  • Size

    100KB

  • Sample

    240821-qrvwba1bpd

  • MD5

    1d182a485d9c9e14d7e530494a3e8a4c

  • SHA1

    ac4e35a891048b371aa9df8d281d3dad3b98cbe8

  • SHA256

    d8cf01ab6075106b887f382007a47a5fc33ec04e3bbf50b91a53e8c9f9de3682

  • SHA512

    0c771446e2dcb604034bd248dc54969e6f9ddd55f1e49e7d8cfe8827134097696e72b65163ed82794d109b7b3adb13bae26e5b9d973f0a492c038d1320c22787

  • SSDEEP

    3072:WOS+AxMyDXmMWKq0TNORAMdThOdMw+noI:KyAmMA0sSMdT096oI

Score
10/10
echobotmiraidiscoverylinuxrootkit

Malware Config

Targets

    • Target

      jade.x86.elf

    • Size

      100KB

    • MD5

      1d182a485d9c9e14d7e530494a3e8a4c

    • SHA1

      ac4e35a891048b371aa9df8d281d3dad3b98cbe8

    • SHA256

      d8cf01ab6075106b887f382007a47a5fc33ec04e3bbf50b91a53e8c9f9de3682

    • SHA512

      0c771446e2dcb604034bd248dc54969e6f9ddd55f1e49e7d8cfe8827134097696e72b65163ed82794d109b7b3adb13bae26e5b9d973f0a492c038d1320c22787

    • SSDEEP

      3072:WOS+AxMyDXmMWKq0TNORAMdThOdMw+noI:KyAmMA0sSMdT096oI

    Score
    9/10
    discoveryrootkit

    • Contacts a large (253826) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks