Linux Analysis Report
kind-linux-amd64_infectedQ

Overview

General Information

Sample name:	kind-linux-amd64_infectedQ
Analysis ID:	1520811
MD5:	d20d60208676a13ff058eac2e67855f6
SHA1:	fc3c3d158f763b0009781a6f8d65f783f83d1d2a
SHA256:	949f81b3c30ca03a3d4effdecda04f100fa3edc07a28b19400f72ede7c5f0491

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false

Signatures

Multi AV Scanner detection for submitted file

Sample and/or dropped files contains symbols with suspicious names

Classification

Signatures

AV Detection

Multi AV Scanner detection for submitted file

Source: kind-linux-amd64_infectedQ

ReversingLabs: Detection: 29%

Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://github.com/kubernetes-sigs/kind/issues/1726
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://github.com/kubernetes/kubernetes/pull/99471
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://github.com/rancher/local-path-provisioner
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://kind.sigs.k8s.io/#community
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://kind.sigs.k8s.io/docs/user/quick-start/Build
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://kind.sigs.k8s.io/docs/user/rootless/00010203040506070809101112131415161718192021222324252627
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://kind.sigs.k8s.io/docs/user/rootless/aix
Source: kind-linux-amd64_infectedQ	String found in binary or memory: https://kind.sigs.k8s.io/docs/user/rootless/if

Sample and/or dropped files contains symbols with suspicious names

Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: archive/tar.(*headerGNU).UserName
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: archive/tar.(*headerSTAR).UserName
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: archive/tar.(*headerUSTAR).UserName
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: bufio.(*Scanner).Scan
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: encoding/json.(*scanner).eof
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: encoding/json.(*scanner).popParseState
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: encoding/json.(*scanner).pushParseState
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: encoding/json.freeScanner
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: encoding/json.newScanner
Source: kind-linux-amd64_infectedQ	ELF static info symbol of initial sample: encoding/json.scannerPool

Source: classification engine

Classification label: mal48.lin@0/0@0/0

Source: ELF file section

Submission: kind-linux-amd64_infectedQ

Screenshots

No Screenshots

Network Map

⊘No contacted IP infos

ID:	1520811
Product:	CloudBasic
Start time:	23:52:19
Start date:	27.09.2024
Sample:	kind-linux-amd64_infectedQ
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 16.04 x64 (Kernel 4.4.0-116, Firefox 88.0, Document Viewer 3.18.2, LibreOffice 5.1.6.2, OpenJDK 1.8.0_171)
Architecture:	LINUX
MD5:	d20d60208676a13ff058eac2e67855f6
SHA1:	fc3c3d158f763b0009781a6f8d65f783f83d1d2a
SHA256:	949f81b3c30ca03a3d4effdecda04f100fa3edc07a28b19400f72ede7c5f0491
Filetype:	ELF Executable and Linkable format (Linux) (4029/14) 49.77%

Linux Analysis Report
kind-linux-amd64_infectedQ

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Screenshots

Network Map

Linux Analysis Report kind-linux-amd64_infectedQ

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Screenshots

Network Map

Linux Analysis Report
kind-linux-amd64_infectedQ