Overview

overview

10

Static

static

10

0eaac033ff...353928

linux_armhf

7

Analysis

  • max time kernel
    15410s
  • max time network
    159s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • submitted
    04-06-2022 18:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0eaac033ff2dba11cfcc10fa6c78a4594c4202540669b75b62fad69ceb353928

  • Size

    105KB

  • MD5

    1246b327d0b0e4dce5632ed08b1002cf

  • SHA1

    95a26f27947e254857d1d645fdfec365f4d81cff

  • SHA256

    0eaac033ff2dba11cfcc10fa6c78a4594c4202540669b75b62fad69ceb353928

  • SHA512

    4d77dc10063aaf62558c009c3aff4827ad23f2e4e98b779d756fb74ce70a61ea96a51f77141e7185ee0bd4372ff3dde5f9267ed6596227f6654d53b9d92844fd

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • ./0eaac033ff2dba11cfcc10fa6c78a4594c4202540669b75b62fad69ceb353928
    ./0eaac033ff2dba11cfcc10fa6c78a4594c4202540669b75b62fad69ceb353928
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:355

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads