850ad30ed11c0f85a765d44c2074b83b61bd40ccfd137b799048271131280ff5

Analysis

max time kernel
149s
max time network
152s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
04-12-2024 18:57

Target

i586.elf
Size

124KB
MD5

974d5a37d11bea6f546853bcf6a23a13
SHA1

0bbdfa4266ae61c3982940bc06e370d882fb06b0
SHA256

850ad30ed11c0f85a765d44c2074b83b61bd40ccfd137b799048271131280ff5
SHA512

d3dd2f02e46ad35d85853ce33970aa641df3b6aea8ce004c260083215bb49b9186f9b558dbd313043e7ea25474802839d506210e39eb36fce49cceb52eb9346b
SSDEEP

3072:QbqCkOz3UoA0iCHWB+yGe6vK+hcDLoY4giAGaJpP:QbqCVpAj53IvK8cDLoY4giAGaJpP

Score

9^/10

discovery rootkit

Contacts a large (70213) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Loads a kernel module 24 IoCs

Loads a Linux kernel module, potentially to achieve persistence

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact