Analysis

  • max time kernel
    17152s
  • max time network
    169s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • submitted
    25-06-2022 04:49

General

  • Target

    7abcb7efd40cd7f71e46f99d102ef9b6654afcaa321e4fd73a7d35cdf5f3318c

  • Size

    160KB

  • MD5

    a3320fa09178947439668a8cd6481ceb

  • SHA1

    e0f9fe0a917f8d4fcc7ccd4381c71b8362eebac0

  • SHA256

    7abcb7efd40cd7f71e46f99d102ef9b6654afcaa321e4fd73a7d35cdf5f3318c

  • SHA512

    26a0dba6952acd111a92cfd38e77ade7bb2f0caa9275fba849232a5349bf0548aae7920fd752a8404af6217a89172da11293f8d29c230a8f7cb3e74791eef8bc

Score
10/10

Malware Config

Signatures

  • suricata: ET MALWARE IRC Nick change on non-standard port

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • ./7abcb7efd40cd7f71e46f99d102ef9b6654afcaa321e4fd73a7d35cdf5f3318c
    • Modifies rc script
    PID:363

Network

MITRE ATT&CK Enterprise v6