Overview

overview

10

Static

static

10

x.elf

ubuntu-22.04-amd64

7

Analysis

  • max time kernel
    145s
  • max time network
    132s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    05-01-2025 08:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    x.elf

  • Size

    93KB

  • MD5

    3a078fe36abfe3386a34eec8367c6b7b

  • SHA1

    28885d5c254ff4cbd8d54e08f4bd611a45c9e4da

  • SHA256

    ac03cbaace321ca3c832198ead3fbd9626533080a2a3908945c24d1ca0ff89e4

  • SHA512

    359a9a5df8ab20e7c50e07aa760dc71949ea7a6d87a4f15a75ca747ad832a456dd6db11c4e52acba42a7e2946aa759ee90f01e2a3a9721b07119ac62770d536a

  • SSDEEP

    1536:Ek0OQmh/c4jU4AJ3cEsMHHz5Dd38q2tBXrpEn9omCUeO7mnmmmioVcYRZLrn04i:Ek0OlfjUdVcRMVDdMqQBXrKJNHAmmmFA

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/x.elf
    /tmp/x.elf
    1⤵
    • Modifies Watchdog functionality
    • Reads system routing table
    • Changes its process name
    • Reads system network configuration
    PID:1574

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads