8d4e7068fc99a8f0fc7e2b095c206fda09ade9ea61091c40405e90dd6894ed67

Analysis

max time kernel
149s
max time network
151s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
15-12-2024 10:46

Target

IGz.x86.elf
Size

72KB
MD5

acd283bf65ed831dd470134f403a9294
SHA1

3c0f8231e8089430e32ef8daea73597170a2b4c0
SHA256

8d4e7068fc99a8f0fc7e2b095c206fda09ade9ea61091c40405e90dd6894ed67
SHA512

0847ba7306de9087cd0a4f79f20de2da0baffa1e2d8c09d509b3bd573122593c935b6e39076393d08b9e2da12d89b55f70cbb3c99d42175c4daca848f00a8c72
SSDEEP

1536:gEKGADH0fCgPVB/ZzNmevvUdSud4SWof/dYP7dsotiImlK:TKTDUfCcVBhkwvUdSumSWe/kxsoYIyK

Score

9^/10

discovery rootkit

Contacts a large (20599) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Loads a kernel module 54 IoCs

Loads a Linux kernel module, potentially to achieve persistence

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact