65018fe472eb5c664814f9e6cd0dada35684ec9631e4fe34bead8cf492c22cee

Analysis

max time kernel
149s
max time network
131s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
22-11-2024 18:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
Size

48KB
MD5

f4c2d42ed094890939a5b153d6e14382
SHA1

2f5ad213dfb77c8ae6ffb0bff467f55f9f81c3f7
SHA256

65018fe472eb5c664814f9e6cd0dada35684ec9631e4fe34bead8cf492c22cee
SHA512

850a5408f41ad759f0d6d6db542e7786b339c999dd314bf5a23fda2b95b17e993abbfdfcff330eba2ae91e330429f77de3571c7483c781a53402210e187d5780
SSDEEP

1536:6nJRT4QPfZfW5XTOeY3DvetAGX57v4Qw7bn2i/eA:Gv4QPfZfW5XTOeo6zJ7wQwf2i9

Score

7^/10

rootkit

Malware Config

Signatures

Loads a kernel module 64 IoCs

Loads a Linux kernel module, potentially to achieve persistence

rootkit

pid	Process
2840	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2841	1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp

/tmp/1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
/tmp/1587-1-0x0000000008048000-0x00000000080547a0-memory.dmp
1⤵
- Loads a kernel module
PID:2840

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads