Analysis
-
max time kernel
149s -
max time network
147s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20240729-en -
resource tags
arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system -
submitted
02-02-2025 04:44
Behavioral task
behavioral1
Sample
9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf
Resource
ubuntu2404-amd64-20240729-en
ubuntu-24.04-amd64
2 signatures
150 seconds
General
-
Target
9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf
-
Size
56KB
-
MD5
5b4cf3f676a6d14b6136f27544e2ab4a
-
SHA1
acefb5c1037d58dfdd811f13e0ad2298245b4ebd
-
SHA256
9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84
-
SHA512
80e179c6ebffc7d0d981ca20a383ca7d1f3b30da0aa3dc968a7a394a1c4b2a3a16c274df4b91a92440b271c096995a9866d53213663410586d0c9bade72c549d
-
SSDEEP
1536:Cy2cvFZepKTQhui13OD7a/HgeEETWoIwni7ELNP8x9:CoFZepKTJseD7WHgeEETWodn39Q
Score
7/10
Malware Config
Signatures
-
Loads a kernel module 64 IoCs
Loads a Linux kernel module, potentially to achieve persistence
pid Process 2454 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2456 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2456 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2456 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2456 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf 2458 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/a 9f7e68ba816e616f9a58237bf578e7f18c53853ef8e1d7d6f11d3c70a6777f84.elf