2ce53942fbef854a6d2ed7cd6b4743223807c5b13c2f0f33015c132fc6471056

Analysis

max time kernel
149s
max time network
129s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
15-12-2024 20:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
Size

48KB
MD5

a2248851d201c206b23da04c9759652e
SHA1

76c4b23fa75e3b0db81779838d74ed26b57c4584
SHA256

2ce53942fbef854a6d2ed7cd6b4743223807c5b13c2f0f33015c132fc6471056
SHA512

a90deef5e90cf8743b9bcdccdd81637610d72bd0b66d734a57be9bd3ff4b6b91bf54a02d5ed56351d6f50c20d00d9ec2cf2bcff18e41572f9d6ebf828c9a25fe
SSDEEP

1536:6nJRT4QPfZfW5XTOeY3DveWAG+1pa/4Qw7bn2ieeA:Gv4QPfZfW5XTOeo1zG0AQwf2im

Score

7^/10

rootkit

Malware Config

Signatures

Loads a kernel module 64 IoCs

Loads a Linux kernel module, potentially to achieve persistence

rootkit

pid	Process
2464	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
2465	1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp

/tmp/1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
/tmp/1552-1-0x0000000008048000-0x00000000080547a0-memory.dmp
1⤵
- Loads a kernel module
PID:2464

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads