9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f

Analysis

max time kernel
149s
max time network
151s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
08-12-2024 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
Size

91KB
MD5

9c3def6ee1129b432371d09812e804e0
SHA1

4d531c64564940d35520a84294b5787b717765c2
SHA256

9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f
SHA512

e007735ec779ffbc71aa9c3c23f67ee04d8dc45142320cb8377436b81ca67add99763b7caaa99aad3d4dbd049f3995578ff31e46a9cf7e0deeeea7b8fefae9d1
SSDEEP

1536:oFd1IRgCXUzx7t0fMbxqgQEiyhcg+7ju72wPZnWhZS5xtY+v:oFdmR9XUzxh0fMdqgQEimEjLAdew5bv

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	1587	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/1153/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1168/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1169/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1196/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1051/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1142/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/12/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/399/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/97/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1097/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1195/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1550/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/988/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1081/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/99/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/405/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/772/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1197/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1471/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1593/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/2/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/81/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/214/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/215/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/373/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/840/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1049/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1371/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/10/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/210/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/96/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/112/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/213/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1059/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1410/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/4/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/75/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1030/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/18/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/410/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/21/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/77/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/211/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/259/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/762/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1009/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/9/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/19/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1160/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/78/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/79/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/980/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1562/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/27/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/73/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/221/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/413/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/779/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/953/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1175/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/13/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/88/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/1123/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
File opened for reading	/proc/92/cmdline	9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf

/tmp/9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
/tmp/9153da04008cd5e97675d9963cf98d07425186ac7692398a22b3aa10b441a90f.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1587

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads