Analysis
-
max time kernel
148s -
max time network
143s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20250307-en -
resource tags
arch:amd64 arch:i386 image:ubuntu2404-amd64-20250307-en kernel:6.8.0-31-generic locale:en-us os:ubuntu-24.04-amd64 system -
submitted
05/04/2025, 12:51
Behavioral task
behavioral1
Sample
GoldAge3ATOx86
Resource
ubuntu2404-amd64-20250307-en
2 signatures
150 seconds
General
-
Target
GoldAge3ATOx86
-
Size
37KB
-
MD5
8b02b2f0e440b7d064be3587cd61c600
-
SHA1
300c2166d2a5ff0548fc97c67fb5d57764d54be8
-
SHA256
59d3c1bc98076f369d16c99873b757d35116b13704818e0fb44e52b594671359
-
SHA512
beafe969cc4dfdb6961be229e4a2f25ab1cf4a59df6a1abf88e9d642340fcd8a9fe7d66eee3e4f17100b43a5d937eb643db1657a053a495a3546db7d09981c6a
-
SSDEEP
768:gD8ULxB2FoC8Sa3NStQGmUz3nzyeSTZ1Q4HHZx08OEsJV:gY2b2FP8Sa3NSiGmUz3uJT/rHHZxBOEs
Score
7/10
Malware Config
Signatures
-
Loads a kernel module 64 IoCs
Loads a Linux kernel module, potentially to achieve persistence
pid | Process
7458 | GoldAge3ATOx86
7461 | GoldAge3ATOx86
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description | ioc | Process
File opened for modification | /tmp/hhbhahasbssahbsaass | GoldAge3ATOx86