Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
  • submitted
    29/09/2024, 22:21

General

  • Target

    SecuriteInfo.com.Linux.Siggen.9999.19167.28364.elf

  • Size

    30KB

  • MD5

    d2b3ab46391ff3f030474f2cc7af22e2

  • SHA1

    ff81bb4309250372403e590ff3d72222eed5d113

  • SHA256

    6ca89c25380c49e38c4715c731a14472f6b4984147c904d20128e564d4c230c3

  • SHA512

    7e25ed78d950fa5183657c9c844f8d03f8c56d25de3de4639214a37b428bec9cbb30cfec7e860f0717f4611e524f8905e95c31787dd2591b3767ec183fa896d0

  • SSDEEP

    768:laKJIpUheb8ArmMapSCfGtwk+sOimldbfLPDyoxxGKX:la4IjrmHpSCfGtdOi4dbfLOoH

Score
7/10

Malware Config

Signatures

  • Loads a kernel module (27 IoCs)

    Loads a Linux kernel module, potentially to achieve persistence

  • Writes file to tmp directory (1 IoC)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/SecuriteInfo.com.Linux.Siggen.9999.19167.28364.elf
    • Loads a kernel module
    • Writes file to tmp directory
    PID:2476

Network

MITRE ATT&CK Matrix
