4685cfc95825d93fd992b300aa5919433266fb5ba20a44cf220b455816045e9c

Analysis

max time kernel
149s
max time network
150s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
23/02/2025, 10:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

318238128.x86.elf
Size

106KB
MD5

eff583050d8459e83bcd5ceab1fcfb1f
SHA1

d010522bc3eae23063aaf7d1234cd5115cdbe26a
SHA256

4685cfc95825d93fd992b300aa5919433266fb5ba20a44cf220b455816045e9c
SHA512

7730ad10a46d51236c52320fa2cdbfe8a635d2cdd408de6e91b740f7c2681479de4dcf66b9f23f7e2c9571a2df9db4db896d33427ac4495ac43d6643f2d66a61
SSDEEP

3072:j6dye4BmJQVphaZw/1vc4MAzkSXmdRWaLHgb4:dVphaZcvrmdRWaDgb4

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	318238128.x86.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	318238128.x86.elf

/tmp/318238128.x86.elf
/tmp/318238128.x86.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:1495

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads