Analysis
max time kernel: 23s
max time network: 152s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240523-en
resource tags: arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
submitted: 04-12-2024 03:08
General
Target: b635d47afb00cd7dcc1a32c5ac9307c064be3918c230ae7c95e7f653a29c5f20.elf
Size: 108KB
MD5: 8e5a6c67581db35245a580f3e6900961
SHA1: b8db9ab9b233d45dc365d3436f47d534fc3a5429
SHA256: b635d47afb00cd7dcc1a32c5ac9307c064be3918c230ae7c95e7f653a29c5f20
SHA512: 6b204426a4c01000b93ef35812507fd9377949d8ddc0340d9a3d1b697881aa863c55a2c9ed67a19c0b6e7367fc2223b67e4134cd52e5b689cc79e00d4dfcaba1
SSDEEP: 1536:JvumDCpfSvaRyqTI1eNQ+OA8MtP44JoFD1a56Lz3mCLtCcnJbSq2QkkHIJv:gP6vaRX6eNQA8K44+F5YQ3ntxJ2HkHI
Malware Config
Signatures
Contacts a large (73692) amount of remote hosts (1 TTPs)
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.

pid   Process
2840  b635d47afb00cd7dcc1a32c5ac9307c064be3918c230ae7c95e7f653a29c5f20.elf
2841  b635d47afb00cd7dcc1a32c5ac9307c064be3918c230ae7c95e7f653a29c5f20.elf