Analysis
-
max time kernel
149s -
max time network
150s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20240729-en -
resource tags
arch:amd64 arch:i386 image:ubuntu2404-amd64-20240729-en kernel:6.8.0-31-generic locale:en-us os:ubuntu-24.04-amd64 system -
submitted
16-12-2024 11:23
Behavioral task
behavioral1
Sample
i586.elf
Resource
ubuntu2404-amd64-20240729-en
ubuntu-24.04-amd64
1 signatures
150 seconds
General
-
Target
i586.elf
-
Size
79KB
-
MD5
d411fabea60f58d93fad5fdc878d8509
-
SHA1
44e23558d2b7f7ea8412c41069605bb0b1b957a5
-
SHA256
f2f8cea3d74052a1af34ee0b5fe6f513444083a55d8ccb439abcb92adfb3bd15
-
SHA512
75e529e5e5015504bac894647e2fa0789081c867678987595a9f88c024d2fc09682e1dc9ff061dd19f34e940d922b6207ee427dc14ac57fa1acc9df38891ac03
-
SSDEEP
1536:v/Eo67moXD972+c6tsTngPE56XxCSn9Qgvjtg0md+wVOz+sXcfW7k:v/EzXz97hc6G7gzXxxGEmMwVOz+ucfWQ
Score
7/10
Malware Config
Signatures
-
Loads a kernel module 58 IoCs
Loads a Linux kernel module, potentially to achieve persistence
pid Process
2517 i586.elf