1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e

Analysis

max time kernel
149s
max time network
147s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
23-12-2024 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
Size

136KB
MD5

3cd2b8773d2b4015d8ebdbfbc958f05a
SHA1

54c5b7145840890f623bdba0cec2cec106ed0825
SHA256

1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e
SHA512

e26222a1ff4261ae5d2262bb3e2c883041fd89759dc4a50c0efc68fe20c101b74faac665974eecf3ca71d0e4c67b8d877f79f96e36f368fc80669704291ece34
SSDEEP

3072:DX+wXNsuOXWYmqnQsk11TosPipRlOaogXk72IElN7Ccy3wEymPd:DX+wXNsuOXWYmC0Puk7urEymPd

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	-"6	1570	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/78/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/86/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/314/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1236/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/775/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/14/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/18/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/20/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/76/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/95/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/197/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/501/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1039/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1078/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1491/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/9/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/868/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1082/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1132/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1377/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/528/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/684/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1193/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/11/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/413/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/757/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/992/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1573/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/15/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/97/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/586/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/746/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1198/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/5/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/23/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/25/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/26/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/74/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/211/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/723/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1220/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1570/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1568/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/114/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/414/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/590/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/640/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/872/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1163/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1205/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/88/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/98/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/199/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/263/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/416/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1034/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1287/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/742/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1263/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1310/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1434/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/1569/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/410/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
File opened for reading	/proc/609/cmdline	1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf

/tmp/1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
/tmp/1ea61821746ea0677e2edb12a3994d37535619311ebbb617787897dd5393e34e.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1570

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads