c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d

Analysis

max time kernel
149s
max time network
139s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
02/02/2025, 04:55

Target

c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d.elf
Size

44KB
MD5

de6d87dcc7cca94ab81cd58afaf293f9
SHA1

cf5307f8c7a5877a4f8c72097c99c409ac5e9e7d
SHA256

c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d
SHA512

2b603e253fadcba87d3201adc765e0c45bce2b2199a8ee25aeb13334dc021a37c134b4f43f3e476e0f9fa9de3488beb201606b6500a0e7f1f2291f10a08e73c6
SSDEEP

768:gJlFG0NFOL9uzUroWWRCzPuj8C4zqx0gxuM8vhlnNv8mJ:gJlFG0NFOL9uzMJWRCzPYeO7xUvhlNvz

Score

7^/10

rootkit

Loads a kernel module 3 IoCs

Loads a Linux kernel module, potentially to achieve persistence

pid	Process
2492	c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d.elf
2493	c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d.elf
2493	c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d.elf

Unexpected DNS network traffic destination 6 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

/tmp/c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d.elf
/tmp/c2c4cc78169a4f43a6b7d1921e6e9a8360e385b6f5d6067a9cfa7cd39d23f58d.elf
1⤵
- Loads a kernel module
PID:2492