Linux Analysis Report
ppc.elf

ID:	1541697
Product:	CloudBasic
Start time:	02:53:07
Start date:	25.10.2024
Sample:	ppc.elf
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	d2d6975776166a424bb1e9b01e25872f
SHA1:	1efec7714922e3bfa23467f14016f6d704b4fe99
SHA256:	6f463ea4ef110997bc6b62c747d022398e374a3c90a295c1be7afb3587856110
Filetype:	ELF Executable and Linkable format (generic) (4004/1) 100.00%

Name	Type	MD5	SHA1	SHA256

System Summary

Source: classification engine

Classification label: clean0.linELF@0/0@0/0

Malware Analysis System Evasion

Source: /tmp/ppc.elf (PID: 5433)

Queries kernel information via 'uname':

Jump to behavior

Source: ppc.elf, 5433.1.00005580e02ae000.00005580e035e000.rw-.sdmp	Binary or memory string: !/etc/qemu-binfmt/ppc11!hotpluggableq
Source: ppc.elf, 5433.1.00007ffe0d9f0000.00007ffe0da11000.rw-.sdmp	Binary or memory string: x86_64/usr/bin/qemu-ppc/tmp/ppc.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/ppc.elf
Source: ppc.elf, 5433.1.00005580e02ae000.00005580e035e000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/ppc
Source: ppc.elf, 5433.1.00007ffe0d9f0000.00007ffe0da11000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-ppc