Analysis
-
max time kernel
1203s -
max time network
159s -
platform
debian-9_armhf -
resource
debian9-armhf-20221111-en -
resource tags
-
submitted
25-11-2022 09:51
General
-
Target
3dd1122bb41177c32fb89f8616a0999707110316ba664e7ce19223436d7d22eb
-
Size
109KB
-
MD5
1473a537d4abaa5532c676d0dbfd3f63
-
SHA1
4429117617931d487bb93b5fec1e74da20434713
-
SHA256
3dd1122bb41177c32fb89f8616a0999707110316ba664e7ce19223436d7d22eb
-
SHA512
c3011bfd02d246fe3b092b151f19e5d5e0a3412884e7416b65d0150a5788e1bbbe5d98837c1070522b2359d3caab5f2d4c4019d2f6aa342612a79f567f05e7a4
-
SSDEEP
3072:BOaMSWo9KW8PuHUdY2M7ccyCGKVhmcQOYMGXzYd:BOaQo9p2MQcyChmcQOYM4zYd
Score
7/10
Malware Config
Signatures
-
Reads system routing table ⋅ 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration ⋅ 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/3dd1122bb41177c32fb89f8616a0999707110316ba664e7ce19223436d7d22ebPID:421/tmp/3dd1122bb41177c32fb89f8616a0999707110316ba664e7ce19223436d7d22ebReads system routing tableReads system network configuration
Network
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Replay Monitor
00:00
00:00
Downloads
Loading data