524eed0cc5e16a7d26efb46ce9d09641470c2db156d69558270f0c9de0271c2f

Analysis

max time kernel
139s
max time network
150s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
14-12-2024 17:21

Target

TRC.x86.elf
Size

72KB
MD5

d36df8c6196d7a1a69f19fca0a920c21
SHA1

784d3ad8de8e14e06a592fa856b5c5c421841dfc
SHA256

524eed0cc5e16a7d26efb46ce9d09641470c2db156d69558270f0c9de0271c2f
SHA512

3d834bd5b484a71aaabcd7d5ef004d4a271ba801c320741adcfa1885c0ac5d554dd2d955d9b102e347b0acc32cf0c9c4d86af1322916e7612a36c26a16f3a10c
SSDEEP

1536:gEKGADH0fCgPVB/ZzNmevvUdSu/4SWof/dYP7dsotiImlK:TKTDUfCcVBhkwvUdSuASWe/kxsoYIyK

Score

9^/10

discovery rootkit

Contacts a large (20232) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Loads a kernel module 44 IoCs

Loads a Linux kernel module, potentially to achieve persistence

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact