Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2404-amd64-20240729-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
  • submitted
    30/09/2024, 12:29

General

  • Target

    ba80eb010115d1e7fdbe476fb0caaf14ff6ca3c77c5bc86e573aaa606e89db4e.elf

  • Size

    23KB

  • MD5

    02f393605a93ebc399024903ef9c784a

  • SHA1

    2bebbba3ff1f62675ed95d01601414fe9133cdc6

  • SHA256

    ba80eb010115d1e7fdbe476fb0caaf14ff6ca3c77c5bc86e573aaa606e89db4e

  • SHA512

    934ad1603d3ff04c1d2f27c7754c785de636f8b0a73717499c871340d51005f042e8d2377504bce0705fdacd7c4d920bfb94c0294645ce270b7b7a42ca360f22

  • SSDEEP

    384:MDYTtV8sACPJPsIsapMQx4p+Iimaxh+QbZSZKlLR7EBKubY/5cN/c+gKRDdCdJJv:dr8sACPRtEni9sUZ4KFR7EBHbJk+gKRS

Score
9/10

Malware Config

Signatures

  • Contacts a large (20190) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Loads a kernel module 27 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

Processes

  • /tmp/ba80eb010115d1e7fdbe476fb0caaf14ff6ca3c77c5bc86e573aaa606e89db4e.elf
    • Loads a kernel module
    PID:2494

Network

        MITRE ATT&CK Enterprise v15
