Overview

overview

10

Static

static

10

zmap.x86.elf

windows7-x64

3

zmap.x86.elf

ubuntu-24.04-amd64

7

Resubmissions

10/01/2025, 06:10

250110-gw6zpsxkgj 10

04/09/2024, 21:53

240904-1rmj2syaqa 10

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    10/01/2025, 06:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    zmap.x86.elf

  • Size

    45KB

  • MD5

    0678622fb172983ef86baa0ee3b1fc90

  • SHA1

    cc1cff33d0f01e658a2572a68044a9e12e2d7cfe

  • SHA256

    837da454842f52b7d77234ab26dd0e16865bd8617af9269fb96edad00ab6ae82

  • SHA512

    ed9a4ceaa180e5616e345a6c5a13784a4e1dc5f59a8c74ec9ecd32bae3a6b1e58d84ec56225fc9518230bf16e527c42d9632862e4da4b20b67e95c16fea7541b

  • SSDEEP

    768:K1PTuItveeil3VOaFrK/u/BxrrcWLgG0+t2hObeMMcki2ZvB:K1PTuINeeillOaFrKW5xCG0nobjMc

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 27 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/zmap.x86.elf
    /tmp/zmap.x86.elf
    1⤵
    • Loads a kernel module
    • Writes file to tmp directory
    PID:3638

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads