Analysis
-
max time kernel
0s -
max time network
129s -
platform
ubuntu-22.04_amd64 -
resource
ubuntu2204-amd64-20240522.1-en -
resource tags
-
submitted
03-10-2024 02:24
General
-
Target
fdee2e34212170af59a95701317f220e9bdedfd8ee579bc485e0534410da42e7.elf
-
Size
809KB
-
MD5
7442703232ea59581c65a36de2398c32
-
SHA1
2b9908fed54fdb89d96659b524784a929aa1613b
-
SHA256
fdee2e34212170af59a95701317f220e9bdedfd8ee579bc485e0534410da42e7
-
SHA512
9845f34f97609267b66112328e2ff07f2557a82cfcc9d45439fa746eff5444a9692c999017116d1181bcd332fa96426bbd588674c90211bcfa20956fb7ab970a
-
SSDEEP
12288:36WMJ9LyCRI2nJHbR6FimOGWqQtznu1nzrv0ap7jTEu+4J:3NbM3ektjulE4J
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Loads a kernel module 1 IoCs
Loads a Linux kernel module, potentially to achieve persistence
-
Traces itself 2 IoCs
Traces itself to prevent debugging attempts
-
Changes its process name 1 IoCs
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/fdee2e34212170af59a95701317f220e9bdedfd8ee579bc485e0534410da42e7.elf/tmp/fdee2e34212170af59a95701317f220e9bdedfd8ee579bc485e0534410da42e7.elf1⤵
- Deletes itself
- Loads a kernel module
- Traces itself
- Changes its process name
- Reads runtime system information
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
787KB
MD5007296205bcd2d56a96071808a7cd134
SHA104a4a67184bfa637e2909f25faec63d9c56343ed
SHA2560d2dd3bc42c6a294276fad956a3fd0a068c8bd3cf7e497fcb5c6a86ce6e8ab61
SHA512d7ee1e5e02f5b65306ee75c96582cf9d71e2d512d047ade7aac4d12eabe246a6cea8e8c13660577228a833e536f3a096aec93470eebac283c1b89d6d27720414