Analysis
-
max time kernel
142s -
max time network
150s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240611-en -
resource tags
arch:amd64arch:i386image:ubuntu2004-amd64-20240611-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system -
submitted
17-10-2024 21:05
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
na.elf
Resource
ubuntu2004-amd64-20240611-en
General
-
Target
na.elf
-
Size
84KB
-
MD5
0e2c42cc4fb874757cee08ed29b134b4
-
SHA1
9b5d9233bbc22cc5a7cdaa858ae365b425a02171
-
SHA256
a1c0b48199e8a47fe50c4097d86e5f43a1a1c9a9c1f7f3606ffa0d45bb4a2eb3
-
SHA512
7c9af743d13826ebf0c1fd2f29201471060727e66296a8432046bb8f1a8d73a7b385fb7feade00acabc84c9366b89db0e6d96f0722af0e4f672e8e194d9443a7
-
SSDEEP
1536:QahOrhUNuV9NnkqnhhWMC8tOadBvwZoXRUqHekyN/1H5xuM8b/3d:Q5JxkqnhhWMhtOqcoXRUq+xN/1Zx2r3
Malware Config
Extracted
rekoobe
27.124.45.146:12345
Signatures
-
Executes dropped EXE 1 IoCs
ioc pid Process /tmp/CCCCCCCC 1399 CCCCCCCC -
description ioc Process File opened for reading /proc/version CCCCCCCC -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/CCCCCCCC na.elf
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
84KB
MD50e2c42cc4fb874757cee08ed29b134b4
SHA19b5d9233bbc22cc5a7cdaa858ae365b425a02171
SHA256a1c0b48199e8a47fe50c4097d86e5f43a1a1c9a9c1f7f3606ffa0d45bb4a2eb3
SHA5127c9af743d13826ebf0c1fd2f29201471060727e66296a8432046bb8f1a8d73a7b385fb7feade00acabc84c9366b89db0e6d96f0722af0e4f672e8e194d9443a7