Analysis

max time kernel: 149s
max time network: 151s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240523-en
resource tags: arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
submitted: 20-11-2024 21:42

General

Target: x86
Size: 57KB
MD5: 9ae358f27d23a2c907261646e42afe2a
SHA1: 3b5f5568fbf51f832018fcd407e890e1f4b9dc31
SHA256: 4b8f796a0bf6d0854fd53a2f04ddeb898b055be3cc09ea923be613bc83406ae3
SHA512: ddcdb92fe5b98bdbb766dc4f552d108a0212dc482efb9a773a98abc072316574905ad3091df32774f7156d7c123df83570a6dfb75a7f15a7f2571a844dd48d3a
SSDEEP: 1536:/FtvA1fRWt01JffeXR3A/d4au5eMLeMWJJuV/sQrz6pz:/Q1f8t01JffeXRw/ea4eMLe9JuJ1Xaz

Malware Config
Signatures

Contacts a large (77286) amount of remote hosts (1 TTPs)
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.

Loads a kernel module (30 IoCs)
Loads a Linux kernel module, potentially to achieve persistence

pid   Process
2441  x86
2443  x86