Analysis
max time kernel: 30998s
max time network: 150s
platform: linux_armhf
resource: debian9-armhf-en-20211208
resource tags: arch:armhf, image:debian9-armhf-en-20211208, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 30-11-2022 13:33
Behavioral task
behavioral1
Sample
e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
Resource
debian9-armhf-en-20211208
debian-9-armhf
2 signatures
150 seconds
General
Target: e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
Size: 156KB
MD5: fd6650b798cad9b77e3caeba9a22d93e
SHA1: 5df498f3fb6525085b405f6682068d8ca892b75e
SHA256: e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
SHA512: 4456788d2a3dbc4c07a24bbb42a1d9a296215b498352f443302aa89af58a7602047e0af2bbca6335bf33fa85865b45ca80a15e33841bf62728d2c5538e2c0f32
SSDEEP: 3072:f1g2GIFdVzLOc/A6g2ag0/RPmnyLRM/918NmFwfBxKQodn:tg2RFdVzCc/Xg2an9mnydM/98mFwfBxE
Score
7/10
Malware Config
Signatures
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
description: /proc/net/route
ioc: /proc/net/route
process: e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
description: /proc/net/route
ioc: /proc/net/route
process: e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96