Analysis
-
max time kernel
149s -
max time network
138s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20250307-en -
resource tags
arch:amd64, arch:i386, image:ubuntu2404-amd64-20250307-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system -
submitted
18/05/2025, 20:05
Static task
static1
General
-
Target
main_x86.elf
-
Size
87KB
-
MD5
16773f1f5c49ae5278fd53bb2e58ec39
-
SHA1
7b537f78c619e0cc2d86a41dd13c845243c455ff
-
SHA256
13bc252e37244f3b54296ddf2b91f1b5c341eab472eb52f197200c89c5c84603
-
SHA512
d14df3682a00cfc03cf675cad9f0159e6d7b093f5c107606eddc7ef6ead429ceeecdfceea797bb3e531f10b34eba468408537861ca1ac232deb3b1ae9bed328f
-
SSDEEP
1536:W/QCZaxGdvts3i5JPhoLwxPu++gzV4UIKqI4FrS4LSf:WYCZa8dvm3oJPhewxP5ZV6KfUmDf
Malware Config
Extracted
Family
latentbot
C2
bothehedoxiahihi.zapto.org
Signatures
-
Latentbot family
-
pid: 2525; Process: main_x86.elf -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description: File opened for modification; ioc: /tmp/httpd; Process: main_x86.elf