Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64 arch:i386 image:ubuntu2404-amd64-20240523-en kernel:6.8.0-31-generic locale:en-us os:ubuntu-24.04-amd64 system
  • submitted
    19-12-2024 15:52

General

  • Target

    x86.elf

  • Size

    70KB

  • MD5

    d027117b5c35d44021ac6d93a2aeb233

  • SHA1

    f7252bfd477e683caf1d8274b79835b94b600480

  • SHA256

    9fe384f7e5c09dc9902d1500dcdd5f0edc7f484970bb2877a523e6bd4fc67401

  • SHA512

    54ebf24784c168bb83268496eb7b942e3b2936ab87f45dbcbd5469170328bf7e8f6833d317ea41aa9372b59e3b94c95932656713df4f5276ec15879744a72434

  • SSDEEP

    1536:u+rUM2UJcckdqjYp0S5YX+WwIzBvDJHXtMlKEpzcR4lp4vKop4HpFPCD:BrUvUJcckdqjYprYXaMBvDJHXhgcKlp8

Score
9/10

Malware Config

Signatures

  • Contacts a large (49346) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Loads a kernel module 64 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

Processes

  • /tmp/x86.elf
    /tmp/x86.elf
    • Loads a kernel module
    PID:2819

Network

MITRE ATT&CK Enterprise v15

Downloads