Analysis
-
max time kernel
149s -
max time network
150s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20240523-en -
resource tags
-
submitted
30-12-2024 08:08
General
-
Target
vcimanagement.i686.elf
-
Size
107KB
-
MD5
ec1f746b8b2ff6df3f4541d37c0c99ad
-
SHA1
f131ea4de072ba28e49804b1850ea8fb8cbf9458
-
SHA256
31c47fa7daca0812b6c1b4706c02ea41123a830b07b25bacc73b5c4e6b8583c7
-
SHA512
deb53663ac4799f27c908ac5176bde7b062b54f3bb9929639f00dacce8a8750a97fda357c12c3a74a91acbd5ba171f0780895785a8fc156e79506ce6a24daa59
-
SSDEEP
3072:uYEbDfX7WNeLwDCRz7cCD9oE4gqXaah84:7E3XbjRz7cCD9oE4gqXaah84
Score
9/10
Malware Config
Signatures
-
Contacts a large (23837) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Loads a kernel module 48 IoCs
Loads a Linux kernel module, potentially to achieve persistence
Processes
-
/tmp/vcimanagement.i686.elf/tmp/vcimanagement.i686.elf1⤵
- Loads a kernel module