Overview

overview

10

Static

static

10

x86_64

ubuntu-18.04-amd64

9

Analysis

  • max time kernel
    40s
  • max time network
    40s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    16-02-2025 23:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    x86_64

  • Size

    53KB

  • MD5

    b7ed0508aa46b3cf5466830246724b92

  • SHA1

    c272358e33146fc7f75a88f4e3bf91d737859a1d

  • SHA256

    696ad18e6cab6debbde8a4ddf3579140c2260cfb189f0dc47bb442c29f86ccaa

  • SHA512

    ad87540adf41366bdb034a0f47b57486977f4ac71b4a1f89d4e8bc57858b05549dfa08e8f30e927565ed0ba3f701b0cd906764acc0a95ab9452611cf55010af9

  • SSDEEP

    1536:KHyLXlX4enUw0iw6rlM1AeG3GwKlFRkku33:LLXloeUw016r+1Ab3GwKlF833

Score
9/10
defense_evasiondiscovery

Malware Config

Signatures

  • Contacts a large (6404) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Writes file to system bin folder 2 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/x86_64
    /tmp/x86_64
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    PID:1530

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads