0b20c38643f932823b42b4f2ac60def86ef6b4e33c92b7f27e556cce21070ea0

Analysis

max time kernel
139s
max time network
146s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20250307-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20250307-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
10/04/2025, 01:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

x-8.6-.ISIS.elf
Size

97KB
MD5

39c7be9a3c60b82d67c40867d1b874c0
SHA1

4a86726fa3eed43894ff059fd87161e9ff3effeb
SHA256

0b20c38643f932823b42b4f2ac60def86ef6b4e33c92b7f27e556cce21070ea0
SHA512

5b38d9cbb1d7d3523c12c9bd6646568ab9a1d628ee9e3a7221659604587dc0858055e2d4284adf9ebcbeacebbddf824b9466ed9434007b637011e3f459d90164
SSDEEP

3072:2K5ejA4jB4h89HOPQzM9FqVy69W9vmrYuOHy+ZNzX:sHjBzuPQQQk9vmrYuOHy+ZNzX

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	x-8.6-.ISIS.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	x-8.6-.ISIS.elf

/tmp/x-8.6-.ISIS.elf
/tmp/x-8.6-.ISIS.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:1571

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v16

Replay Monitor

Loading Replay Monitor...

Downloads