Analysis

  • max time kernel
    3610s
  • max time network
    159s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211025
  • submitted
    06-12-2021 08:39

General

  • Target

    a97e719c8b1ca839c5b977146afc23c3

  • Size

    126KB

  • MD5

    a97e719c8b1ca839c5b977146afc23c3

  • SHA1

    f005874ac8887f1a7fbad50feaa9a0120d895e18

  • SHA256

    7005226ea0a7bf03e830af258814afb7d5ed0936d27b96665a649ec099856f6e

  • SHA512

    bdfb5a067b05b18c01320f9d09372257f295363d51eee2ce02a48ba4676609856b034dac23b15f948e691b8cd46eb7003cf9faabf26b18914bf3ca2f8214e014

Score
7/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • ./a97e719c8b1ca839c5b977146afc23c3
    PID: 367
    • Reads system routing table
    • Reads system network configuration

Network

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

System Network Configuration Discovery

2
T1016
