Overview

overview

10

Static

static

3

be75358ef1...18.exe

windows7-x64

10

be75358ef1...18.exe

windows10-2004-x64

10

$TEMP/29.opends60.dll

windows7-x64

1

$TEMP/29.opends60.dll

windows10-2004-x64

1

$TEMP/Ster...ap.dll

windows7-x64

3

$TEMP/Ster...ap.dll

windows10-2004-x64

3

$TEMP/WebN...mes.js

windows7-x64

3

$TEMP/WebN...mes.js

windows10-2004-x64

3

$TEMP/aspnetisapi.dll

windows7-x64

3

$TEMP/aspnetisapi.dll

windows10-2004-x64

3

$TEMP/autolayt.dll

windows7-x64

3

$TEMP/autolayt.dll

windows10-2004-x64

3

$TEMP/coyote.exe

windows7-x64

4

$TEMP/coyote.exe

windows10-2004-x64

10

$TEMP/cvtres.exe

windows7-x64

3

$TEMP/cvtres.exe

windows10-2004-x64

3

$TEMP/disco.exe

windows7-x64

1

$TEMP/disco.exe

windows10-2004-x64

1

$TEMP/emcmp.ko

ubuntu-24.04-amd64

$TEMP/ltv350qv.ko

ubuntu-22.04-amd64

$TEMP/sl-modem.py

windows7-x64

3

$TEMP/sl-modem.py

windows10-2004-x64

3

$TEMP/syst...er.vbs

windows7-x64

1

$TEMP/syst...er.vbs

windows10-2004-x64

1

$TEMP/vsslnui.dll

windows7-x64

1

$TEMP/vsslnui.dll

windows10-2004-x64

1

$TEMP/webb...35.pyc

windows7-x64

3

$TEMP/webb...35.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    24-08-2024 11:05

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Payload did not run: payload error: fork/exec /tmp/$TEMP/emcmp.ko: exec format error
Report Analysis Logs

General

  • Target

    $TEMP/emcmp.ko

  • Size

    5KB

  • MD5

    bceb647f93ea19dd1ff53e07fd6597d0

  • SHA1

    afcd3268cff93a8cb2b95d659a4eafc6581c8eb3

  • SHA256

    5cf8aad19abc14dda1ffea3c8b1fcde108f49babef6df32d17db0376b4961d37

  • SHA512

    a94e0151a93bd5e1e9fb5b3b848b93dce93279aafc72abab75cf1220dbf9cdb3604e12a6789e448b05e08888f67dac8d0f3af75bf70ddd1ddb6a4b3c4f564257

  • SSDEEP

    48:bJKlGVPlByo3iOk9hMRlww8Rs5T8iRIy46fPO:boGVPPiOk9hs60QB2O

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/$TEMP/emcmp.ko
    "/tmp/\$TEMP/emcmp.ko"
    1⤵
      PID:2826

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads