Linux Analysis Report
na.elf

Overview

General Information

Sample name: na.elf
Analysis ID: 1532516
MD5: 499183b5b8cd25922ba465ead2bdc082
SHA1: f51b4128cbfcfb5fb7acd2a1aa660489c3e84bdd
SHA256: 8d811c3544665226b8764193a04b3f768149925c18b5d5c38c888674a90830fd
Tags: elf, user-abuse_ch

Detection

Score: 1
Range: 0 - 100
Whitelisted: false

Signatures

ELF contains segments with high entropy indicating compressed/encrypted content
Sample contains only a LOAD segment without any section mappings

Classification

Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | DNS traffic detected: DNS query: daisy.ubuntu.com
Source: LOAD without section mappings | Program segment: 0x400000
Source: classification engine | Classification label: clean1.linELF@0/0@2/0
Source: na.elf | Submission file: segment LOAD with 7.8992 entropy (max. 8.0)
No contacted IP infos