Overview

overview

10

Static

static

10

zmap.x86.elf

ubuntu-22.04-amd64

7

Analysis

  • max time kernel
    132s
  • max time network
    148s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    04-12-2024 18:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    zmap.x86.elf

  • Size

    61KB

  • MD5

    e50ce78e35279682d08fe9fc0644e8b3

  • SHA1

    69177219d343662bc91cee92e79dabf9a0b04701

  • SHA256

    9e114679428b0fafe8bf9fd08feaf8104bb7d0181ded6f657424de04825f97f4

  • SHA512

    c99b90d3067aa8141a2ee7d3784c5d9550bca5ca13fd21e3f0ef918ea0c95f8661908aa041727f90d2f36d266ee16a3f1ea829963d96f8e6a9768035b7806927

  • SSDEEP

    1536:kRGfyD5eG8M94cecUDelIv5TTRal9GfUw4v4COupnWl:kMaD5eG8M92KgTTRaf8Z4AxKnk

Score
7/10
defense_evasion

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Writes file to system bin folder 2 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/zmap.x86.elf
    /tmp/zmap.x86.elf
    1⤵
    • Deletes itself
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    PID:1569

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads