c44213cb86a4c26bde4d24e153cfc4e19c92e1fbf56da2429b82aee82cef6fd9 | Triage

Analysis

max time kernel
149s
max time network
131s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
09-12-2024 03:01

Sharing

Report Analysis Logs

General

Target

boatnet.x86.elf
Size

48KB
MD5

b7a27ca708a2de3c5049391e4c4111bd
SHA1

181d63a107406a8fadf7caa4a8055db37022afde
SHA256

c44213cb86a4c26bde4d24e153cfc4e19c92e1fbf56da2429b82aee82cef6fd9
SHA512

22eceedce3d1d59a0c6628a7200e1d612ec77d4ca43272b4a0e8821537e806693b91376aaab41cd42bf15f915ed7bdd0bceb0fd5d2bae863d19b1e0c2d718f13
SSDEEP

1536:6nJRT4QPfZfW5XTOeY3Dve3AGhrZ/4QwLbn2ice:Gv4QPfZfW5XTOeoEzlZAQwv2i

Score

7^/10

rootkit

Malware Config

Signatures

Loads a kernel module 64 IoCs

Loads a Linux kernel module, potentially to achieve persistence

pid	Process
2830	boatnet.x86.elf
2831	boatnet.x86.elf
2833	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf
2831	boatnet.x86.elf

/tmp/boatnet.x86.elf
/tmp/boatnet.x86.elf
1⤵
- Loads a kernel module
PID:2830

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads