Overview

overview

10

Static

static

10

x86

ubuntu-24.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    x86

  • Size

    68KB

  • Sample

    250219-xclgnawran

  • MD5

    6a56182d5fe6403cd09c7bbe63d2c08c

  • SHA1

    f0aae8322a17a937e62215e6b3ce0ef5b3b44b5b

  • SHA256

    5a067b7d42af00dd2292692f9df595368418c1ea94609ed747918b85d9c49d69

  • SHA512

    80dc8e23d7560a8a04ef7ae9c896055a4bacdd43c5eb1028eaeed381f6c287eab7a4d57dff2c219b2f05f4c92a73411b085ec1a9dc3fce038cb01a9fa675ce6c

  • SSDEEP

    1536:HafAEdoRs3D25y5uScmhYr/pNeITYNDIIFeg5ORCFYVX0ijP:HeWs3D25y5Tcmhq/p4ITYN9d9FU/

Score
10/10
echobotmiraidiscoverylinuxrootkit

Malware Config

Targets

    • Target

      x86

    • Size

      68KB

    • MD5

      6a56182d5fe6403cd09c7bbe63d2c08c

    • SHA1

      f0aae8322a17a937e62215e6b3ce0ef5b3b44b5b

    • SHA256

      5a067b7d42af00dd2292692f9df595368418c1ea94609ed747918b85d9c49d69

    • SHA512

      80dc8e23d7560a8a04ef7ae9c896055a4bacdd43c5eb1028eaeed381f6c287eab7a4d57dff2c219b2f05f4c92a73411b085ec1a9dc3fce038cb01a9fa675ce6c

    • SSDEEP

      1536:HafAEdoRs3D25y5uScmhYr/pNeITYNDIIFeg5ORCFYVX0ijP:HeWs3D25y5Tcmhq/p4ITYN9d9FU/

    Score
    9/10
    discoveryrootkit

    • Contacts a large (245662) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks