7c3b7d80a9f95b61e3a56a62493c5f3336eabd766a17d2d07e28d01ec750f7eb

Analysis

max time kernel
10s
max time network
13s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
17-02-2025 12:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

kre4per.x86
Size

53KB
MD5

7ffbdf8a1d617b2c93d5fc520ccb31cc
SHA1

5dbe3ceeb1e58a61671b74d040b809d343d24b53
SHA256

7c3b7d80a9f95b61e3a56a62493c5f3336eabd766a17d2d07e28d01ec750f7eb
SHA512

3de46ad924e9ceab846f2a09933a1cb654e5e70c8a4bf84d395c8492470b8bcc0afc838b3f4ceb8086c81e4beba5c2884bd59a202d6c682ae58c6d2a28766727
SSDEEP

1536:O13kynNjv6czSEZeLmI37KNCgoTcpoQzWxS2RAfah5cQ:AUyntv6cuEZ437KAgowpoeiSi1D

Score

9^/10

discovery rootkit

Malware Config

Signatures

Contacts a large (8662) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Loads a kernel module 1 IoCs

Loads a Linux kernel module, potentially to achieve persistence

rootkit

pid	Process
2820	kre4per.x86

Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/wCqFzFylhjyrluxg=0	kre4per.x86

/tmp/kre4per.x86
/tmp/kre4per.x86
1⤵
- Loads a kernel module
- Writes file to tmp directory
PID:2820

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads