Analysis
max time kernel: 147s
max time network: 149s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240729-en
resource tags: arch:amd64, arch:i386, image:ubuntu2404-amd64-20240729-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
submitted: 09-01-2025 07:12
Behavioral task: behavioral1
Sample: ssi.elf
Resource: ubuntu2404-amd64-20240729-en (ubuntu-24.04-amd64)
1 signatures
150 seconds
General
Target: ssi.elf
Size: 93KB
MD5: 30694d958a9e2308817e320f254df07a
SHA1: 4e4b0f201afff635eeb94ab741bd5bd3524252de
SHA256: 23fc21364599d0415706b7b1d7e6d53d2d56a1af5aaa794dd4df2d934728bc2a
SHA512: 62c9eee761f0130326c54b1b32990b86fc3933b94bcdf29d900b73a91d808940c79f4a8fa236af0b6bcb5d5bd03a6573a05248f55966c797c08206ba4df7321c
SSDEEP: 1536:DrSthiWmGWE6BALuPLkklHAkw7WBU/GNX79ejBd/kncW7efTcgZvYV:chiWKBBALuTZNPwQU/GPedNkncW7ef45
Score: 7/10
Malware Config
Signatures
Loads a kernel module (40 IoCs)
Loads a Linux kernel module, potentially to achieve persistence
pid Process
2512 ssi.elf