Linux Analysis Report
Mf9dMcU3qj.elf

Overview

General Information

Sample name: Mf9dMcU3qj.elf
renamed because original name is a hash value
Original sample name: 9b66fc49308ae25c1435869951f0ec3e.elf
Analysis ID: 1532248
MD5: 9b66fc49308ae25c1435869951f0ec3e
SHA1: f892119b9c93ad2ebe535427e99e5a611f87bf10
SHA256: acf9476a09014d622b6ff844d90ffb4f7b3cf5c9147fe92f9954f01215ccb2a4
Tags: 32 elf intel mirai

Detection

Score: 60
Range: 0 - 100
Whitelisted: false

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Sample has stripped symbol table

Classification

AV Detection

Source: Mf9dMcU3qj.elf Avira: detected
Source: Mf9dMcU3qj.elf ReversingLabs: Detection: 57%
Source: Mf9dMcU3qj.elf Virustotal: Detection: 40%
Source: Mf9dMcU3qj.elf Joe Sandbox ML: detected
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic DNS traffic detected: DNS query: daisy.ubuntu.com
Source: ELF static info symbol of initial sample .symtab present: no
Source: classification engine Classification label: mal60.linELF@0/0@2/0
No contacted IP infos