Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
  • submitted
    06-11-2024 13:53

General

  • Target

    7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669

  • Size

    60KB

  • MD5

    8a847e0d7c792f89efc2646425db7116

  • SHA1

    2a49deca5e1dfb1579718e3b34869806ee6e1ed9

  • SHA256

    7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669

  • SHA512

    6db2d89ae524a4791f7ff912cc645d323b18c1673ac890e8d4989287f74904b21f6d440c3d196896449d122095a12e48f91317a1e0a14094df9678370b45b813

  • SSDEEP

    1536:DxUEibfRLIXHpf4GsVyB2P2bju5eMS0WLDTetpKDnCKo:DiXbfRLIXHpf4GsVWTbj4eMSnfOcDC

Score
9/10

Malware Config

Signatures

  • Contacts a large (76765) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Loads a kernel module 56 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

Processes

  • /tmp/7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669
    /tmp/7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669
    • Loads a kernel module
    PID:2523

Network

MITRE ATT&CK Enterprise v15
