Overview

overview

10

Static

static

10

2025-03-12...pcrypt

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    3s
  • max time network
    131s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20250307-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20250307-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    12/03/2025, 01:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2025-03-12_65220e578f4336346b34444b55d12725_poet-rat_qnapcrypt

  • Size

    4.8MB

  • MD5

    65220e578f4336346b34444b55d12725

  • SHA1

    1a356708c1c509ca60d93ced15d9ad0c128dad0f

  • SHA256

    d23a0a68cf09aeb4a1becb69192e3391dd8d03f3185e781886547ac3a845996f

  • SHA512

    766dd9f385f8966d98f14c08c70d257ff8ba42f821a3038997095582de3ceb46335a11f24b3f25d5d75cabbd2222a0e3627802aab71a56421b5a2aa55f94b82e

  • SSDEEP

    49152:dM//YXG7etsL+6JM10ZlJi+UGfINR3gq6Ax0kDDU5+:i/YWKtUmJNR36e

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 11 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/2025-03-12_65220e578f4336346b34444b55d12725_poet-rat_qnapcrypt
    /tmp/2025-03-12_65220e578f4336346b34444b55d12725_poet-rat_qnapcrypt
    1⤵
    • Loads a kernel module
    PID:2836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads