Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    19-12-2024 03:11

General

  • Target

    7952b6f54d1ddfed2359245de196fb3d91e33e280349f566172d96897e54b04b.elf

  • Size

    72KB

  • MD5

    32e0a7bc773f856e4665dad2fc90d628

  • SHA1

    727c774e3d57cdc8a2581c1a6c5cb0ffdc2e4838

  • SHA256

    7952b6f54d1ddfed2359245de196fb3d91e33e280349f566172d96897e54b04b

  • SHA512

    ee04d3d18c7f9ab82b79d17b7a46f20a974b0401769573b8d6a8a94c96e4c75f47c4c66f02a7e2b4aa8bca015a929813398ab5e49245d4bca6aab9fc14fae155

  • SSDEEP

    1536:NW8dQs/nh9adZkrOsDYuY061vDOH3RJTWoV3SW4OB/BQJv4rmoBitQOZDG:Nt/nh9adZsOsDYuY061rgXWKSW3/GheD

Score
9/10

Malware Config

Signatures

  • Contacts a large (20169) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Loads a kernel module 64 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

Processes

  • /tmp/7952b6f54d1ddfed2359245de196fb3d91e33e280349f566172d96897e54b04b.elf
    /tmp/7952b6f54d1ddfed2359245de196fb3d91e33e280349f566172d96897e54b04b.elf
    1⤵
    • Loads a kernel module
    PID:2826

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads