Analysis

  • max time kernel
    16362s
  • max time network
    158s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • submitted
    16-06-2022 02:00

General

  • Target

    283048584e8441bf63c8612277c468fdddabda873ab1085f3a708c92b5b66391

  • Size

    143KB

  • MD5

    68b5b2c55974d2418074cc28fe257434

  • SHA1

    f0c6ca4d002093acc29d494695f3d6abffcabfd4

  • SHA256

    283048584e8441bf63c8612277c468fdddabda873ab1085f3a708c92b5b66391

  • SHA512

    b6ecfa52a14b87d5dc849ac01b93755a58d31abb2a93d5e00691d90737313a086155007f02931ac1c2510551ca32fd086ebe2466159cf40bce50a7f8b4e2e769

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • ./283048584e8441bf63c8612277c468fdddabda873ab1085f3a708c92b5b66391
    ./283048584e8441bf63c8612277c468fdddabda873ab1085f3a708c92b5b66391
    • Reads system routing table
    • Reads system network configuration
    PID:345

Network

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Network Configuration Discovery

2
T1016
