Analysis
-
max time kernel
149s -
max time network
150s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20250307-en -
resource tags
arch:amd64 arch:i386 image:ubuntu2404-amd64-20250307-en kernel:6.8.0-31-generic locale:en-us os:ubuntu-24.04-amd64 system -
submitted
21/03/2025, 01:32
General
-
Target
x86
-
Size
45KB
-
MD5
19a635024b9bc729d5af802987ed757c
-
SHA1
3b1a758621ecfc9a9cb8d225b714563342149cb0
-
SHA256
07c2afb7002ba2d4f72bea9ea784c7c12dedaa271b3d40207ff745b13768fa52
-
SHA512
c292a912c90495bb7f6d6b882af79bc4bb4ff13509572833525d367417e73b0cce0abc033dfb68ca010f31c2484d4d5b6f5e9d51fbc84b3ce67014b5cdc7594b
-
SSDEEP
768:c8/MjSNW4GBs82WELXamRfWzqNYeZj3hwFEwaKXg+ZdG:c8/MjSNW4GBz3ELFdNYeFhwRaKXhZdG
Malware Config
Signatures
-
Contacts a large (114639) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Loads a kernel module 64 IoCs
Loads a Linux kernel module, potentially to achieve persistence