Analysis
max time kernel: 30991s
max time network: 152s
platform: linux_armhf
resource: debian9-armhf-en-20211208
resource tags: arch:armhf, image:debian9-armhf-en-20211208, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 30-11-2022 12:47
Behavioral task
behavioral1
Sample
4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e
Resource
debian9-armhf-en-20211208
debian-9-armhf
2 signatures
150 seconds
General
Target: 4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e
Size: 146KB
MD5: d38b6c951c91d120a0aeba1deb4cbd42
SHA1: 7f7eb7c8e069470696a1678fee0c4626295e6227
SHA256: 4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e
SHA512: 5bbd773a8b390a323dfe6ce4f25879be251c993f7515f7c9ce0489ad33f6d660a610dbe6c679b4a1feee60e18969459205c68e2e33f0909dfb2f2bf6bef8a011
SSDEEP: 3072:De63VDzi+Xl6B7pafmkX2Q7XFsM/9RfEEdCmLwfCDQSAW:S63VDG+IB7pajGQ7XuM/9RMEcmLwfCE2
Score: 7/10
Malware Config
Signatures
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e
description: /proc/net/route
ioc: /proc/net/route
process: 4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e
description: /proc/net/route
ioc: /proc/net/route
process: 4432dcf3416a7bb738e2e4a0e98a6c78aad2abcd1dfdd4142643639ed401f94e