585af71cafd52836796d3285345090c5f9e806983070b033292816626fb843b7 | Triage

Analysis

max time kernel
147s
max time network
148s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20250307-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20250307-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
10/04/2025, 09:04

Sharing

Report Analysis Logs

General

Target

x-3.2-.ISIS.elf
Size

84KB
MD5

585945c5fdc62f1ae111815936ee69cf
SHA1

77aaae65a749cf6c5d3d3c51c88dfcb7eb311970
SHA256

585af71cafd52836796d3285345090c5f9e806983070b033292816626fb843b7
SHA512

851b19c05471c05742516681550c9bade5345033c42ddef2155f01e4dedc6571387cdda83093eb73fcada3983e80894bd2263a527d8aa61558b42343ee4a1640
SSDEEP

1536:sQmab6bXPm8VjWWHT0im5t3ItTShKW6GLdUF5MI5AtpgwPUOGHfV+mLI2VOYjXUd:Oab6bXPm8VjWWHT0B5t4tcnBUF5MI5d4

Score

7^/10

rootkit

Malware Config

Signatures

Loads a kernel module 58 IoCs

Loads a Linux kernel module, potentially to achieve persistence

pid	Process
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf
2522	x-3.2-.ISIS.elf

/tmp/x-3.2-.ISIS.elf
/tmp/x-3.2-.ISIS.elf
1⤵
- Loads a kernel module
PID:2520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads