Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    21-01-2025 08:03

General

  • Target

    i586.elf

  • Size

    45KB

  • MD5

    4f131dfe1a6f714f785deed8c9e79937

  • SHA1

    7ae8d54ee2944cb21e2e5b00d522b3c4387fcf50

  • SHA256

    bd8afa347b42aaf0d94a0ab30c0911ba5cba48651c89bf19d2c4a268664c7f42

  • SHA512

    ab6c762786ae382f802bdaef55aa7a519e22a88c37235d6884d2c9ec1ff4d060f31f625a0564b77cfc19109877a20e5a1ec76ad818bfb0f7ebd61388804d0224

  • SSDEEP

    768:13sPWVrWy7PBIe9iFokjlMdMhc0otXzHFxK0U/jww5TKIL91YiG6llM:DD9IciFokjlMdMO0iHrKh/jz5TTLLrGw

Score
7/10

Malware Config

Signatures

  • Loads a kernel module 52 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/i586.elf
    /tmp/i586.elf
    1⤵
    • Loads a kernel module
    • Writes file to tmp directory
    PID:2481

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads