Overview

overview

10

Static

static

10

x86

ubuntu-18.04-amd64

9

x86

ubuntu-20.04-amd64

9

x86

ubuntu-22.04-amd64

9

x86

ubuntu-24.04-amd64

9

Analysis

  • max time kernel
    29s
  • max time network
    30s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20250307-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20250307-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    21/03/2025, 01:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    x86

  • Size

    45KB

  • MD5

    19a635024b9bc729d5af802987ed757c

  • SHA1

    3b1a758621ecfc9a9cb8d225b714563342149cb0

  • SHA256

    07c2afb7002ba2d4f72bea9ea784c7c12dedaa271b3d40207ff745b13768fa52

  • SHA512

    c292a912c90495bb7f6d6b882af79bc4bb4ff13509572833525d367417e73b0cce0abc033dfb68ca010f31c2484d4d5b6f5e9d51fbc84b3ce67014b5cdc7594b

  • SSDEEP

    768:c8/MjSNW4GBs82WELXamRfWzqNYeZj3hwFEwaKXg+ZdG:c8/MjSNW4GBz3ELFdNYeFhwRaKXhZdG

Score
9/10
discoveryrootkit

Malware Config

Signatures

  • Contacts a large (22776) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Loads a kernel module 11 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/x86
    /tmp/x86
    1⤵
    • Loads a kernel module
    PID:2512

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads