Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
  • submitted
    27-12-2024 02:15

General

  • Target

    4e87eab796dccd9afac67edda8469ada7267c4fafecf174378168d351de38add.elf

  • Size

    100KB

  • MD5

    31d0d4b79753adc437547f277479f4f8

  • SHA1

    4e230307e3a8b0bc13471f0d1de9491d3bafb005

  • SHA256

    4e87eab796dccd9afac67edda8469ada7267c4fafecf174378168d351de38add

  • SHA512

    62d946ab8695571783798f2bb1346c71982e701a2361e602049a4d67753a8119068a337dff218e450648958c27359c27a06b20a7883d8c36f985814fb2534883

  • SSDEEP

    3072:5BZPRgmCvADuJk3c2yJ6WnaZXtSOOzVK:zZZgVoKJkVJlOzV

Score
7/10

Malware Config

Signatures

  • Loads a kernel module 7 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/4e87eab796dccd9afac67edda8469ada7267c4fafecf174378168d351de38add.elf
    • Loads a kernel module
    • Writes file to tmp directory
    PID:2498

Network

MITRE ATT&CK Matrix
