c9156abfacfc54dbab20f1878c989ab65cf3dc2a78f1178f499f8f9e15ee214f | Triage

Analysis

max time kernel
133s
max time network
145s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
10-01-2025 18:47

Sharing

Report Analysis Logs

General

Target

qbfwdbg.elf
Size

156KB
MD5

a919a9b444ce65f18d828134ce16597d
SHA1

f907cb8ee47b629760c3e360cd273dc9a426d599
SHA256

c9156abfacfc54dbab20f1878c989ab65cf3dc2a78f1178f499f8f9e15ee214f
SHA512

5851904a57e30d4fa8f9f0518c1f91483da9ba50114657aaa732b55ac787ea880b17b0ba386016255bdfbad4b6c32e9cf0b2005e05c6a212db174f5d06f80e40
SSDEEP

3072:dznxapmWvKUQMFDdPW7Ly486GDU92zNnejnbsR6GWegi2GYc8:dznxapmWvKUQ2QC6KRejIgi2G

Score

7^/10

Malware Config

Signatures

Deletes itself 1 IoCs

pid	Process
2492	qbfwdbg.elf

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	httpd	2492	qbfwdbg.elf

/tmp/qbfwdbg.elf
/tmp/qbfwdbg.elf
1⤵
- Deletes itself
- Changes its process name
PID:2492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads