45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c

Analysis

max time kernel
143s
max time network
146s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
07-12-2024 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
Size

170KB
MD5

cd6bbd73b40235580ac39ee7187b7330
SHA1

c1cbe4c2076e915a7582e0669d7904f8a53060e9
SHA256

45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c
SHA512

c6348da638bc2ec66cbfe5ec5b43f5a60a582e0fb12f63201c36477ad0b3b36dfe4e0a2712972945fcc08f87bc46e634462cad92f46c84e1a397bcc850981f87
SSDEEP

3072:N8cx757Y4zFY9Drz7xegG1k3QvjCwjgIAKQSDn7I0iMIUcBvKrli2p6dBk0qyl:N8cxd7Y4zFY9Pz7xlG1fFcMIli16dBkS

Score

7^/10

discovery

Malware Config

Signatures

Deletes itself 1 IoCs

pid	Process
2820	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	httpd	2819	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/820/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1092/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2310/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/29/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/191/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/389/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/731/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/456/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1120/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/19/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/32/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/64/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/431/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2223/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/12/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/49/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/56/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/586/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1056/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1068/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1406/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2202/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/14/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/23/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/48/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/592/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1129/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/15/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/52/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/195/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/508/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/590/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/726/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1062/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2121/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/8/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/10/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/43/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/192/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2249/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/9/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/35/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/193/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2263/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/66/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/189/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/779/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/197/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2031/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1052/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2176/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/45/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/783/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/791/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/792/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/25/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/26/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/1114/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2305/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/234/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/2309/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/28/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
File opened for reading	/proc/38/cmdline	45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf

/tmp/45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
/tmp/45d6cbe1c9259d86d563c5e76d70383747ee8c613ef15af8d7ab27cc1ee28c3c.elf
1⤵
- Deletes itself
- Changes its process name
- Reads runtime system information
PID:2819

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads