17529ec36be870b9c139f4c7a5d09ce2b8a8c213423f5a28dbc830c7580af4a4 | Triage

Analysis

max time kernel
149s
max time network
150s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
16-01-2025 05:12

Sharing

Report Analysis Logs

General

Target

byte.x86.elf
Size

73KB
MD5

68945c8d25a8717a3435259129c4924f
SHA1

1f5d14aac12a2dca6f0f4f01007045325d43cdb6
SHA256

17529ec36be870b9c139f4c7a5d09ce2b8a8c213423f5a28dbc830c7580af4a4
SHA512

69d61f1e6077a45255a44f01bc25280e37acaf66330318ac4998b248ae63f4ba30a28ec1e5fd0cccbd85824740382c310a9336090072922ea148d4ce6e03840d
SSDEEP

1536:aSYXBbJKbFe5AQZqOtRjX1lxW7//S2xnLs+IJrF/DOn/YUTB/:ybIbFe5wOtB3k7XS2xLCJdinJt/

Score

7^/10

rootkit

Malware Config

Signatures

Loads a kernel module 25 IoCs

Loads a Linux kernel module, potentially to achieve persistence

pid	Process
2488	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf
2491	byte.x86.elf

/tmp/byte.x86.elf
/tmp/byte.x86.elf
1⤵
- Loads a kernel module
PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads