Linux Analysis Report
x86.elf

Overview

General Information

Sample name: x86.elf
Analysis ID: 1540917
MD5: 11d805f7efb5cce957f58442f596a777
SHA1: 1661337861288462d38fb5ac996640151ba3b493
SHA256: 20b86a2be65662e3e30c7485b43dd220fffd009b9f75b8259184f3d528ae9ad0
Tags: elf, user-abuse_ch

Detection

Score: 56
Range: 0 - 100
Whitelisted: false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara signature match

Classification

AV Detection

Source: x86.elf ReversingLabs: Detection: 13%

System Summary

Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_122ff2e6 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_fa48b592 Author: unknown
Source: 5440.1.0000000008048000.0000000008052000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_122ff2e6 Author: unknown
Source: 5440.1.0000000008048000.0000000008052000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_fa48b592 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_122ff2e6 reference_sample = c7dd999a033fa3edc1936785b87cd69ce2f5cac5a084ddfaf527a1094e718bc4, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3c9ffd7537e30a21eefa6c174f801264b92a85a1bc73e34e6dc9e29f84658348, id = 122ff2e6-56e6-4aa8-a3ec-c19d31eb1f80, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_fa48b592 reference_sample = c9e33befeec133720b3ba40bb3cd7f636aad80f72f324c5fe65ac7af271c49ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 8838d2752b310dbf7d12f6cf023244aaff4fdf5b55cf1e3b71843210df0fcf88, id = fa48b592-8d80-45af-a3e4-232695b8f5dd, last_modified = 2021-09-16
Source: 5440.1.0000000008048000.0000000008052000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_122ff2e6 reference_sample = c7dd999a033fa3edc1936785b87cd69ce2f5cac5a084ddfaf527a1094e718bc4, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3c9ffd7537e30a21eefa6c174f801264b92a85a1bc73e34e6dc9e29f84658348, id = 122ff2e6-56e6-4aa8-a3ec-c19d31eb1f80, last_modified = 2021-09-16
Source: 5440.1.0000000008048000.0000000008052000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_fa48b592 reference_sample = c9e33befeec133720b3ba40bb3cd7f636aad80f72f324c5fe65ac7af271c49ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 8838d2752b310dbf7d12f6cf023244aaff4fdf5b55cf1e3b71843210df0fcf88, id = fa48b592-8d80-45af-a3e4-232695b8f5dd, last_modified = 2021-09-16
Source: classification engine Classification label: mal56.linELF@0/0@0/0
No contacted IP infos