Overview

overview

10

Static

static

10

e093cc3d98...ee2d96

debian-9-armhf

7

Analysis

  • max time kernel
    30998s
  • max time network
    150s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    30-11-2022 13:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96

  • Size

    156KB

  • MD5

    fd6650b798cad9b77e3caeba9a22d93e

  • SHA1

    5df498f3fb6525085b405f6682068d8ca892b75e

  • SHA256

    e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96

  • SHA512

    4456788d2a3dbc4c07a24bbb42a1d9a296215b498352f443302aa89af58a7602047e0af2bbca6335bf33fa85865b45ca80a15e33841bf62728d2c5538e2c0f32

  • SSDEEP

    3072:f1g2GIFdVzLOc/A6g2ag0/RPmnyLRM/918NmFwfBxKQodn:tg2RFdVzCc/Xg2an9mnydM/98mFwfBxE

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
    /tmp/e093cc3d982ebb1b057fdc672eaa4a454c5c555d0b3690f7beb95f40d9ee2d96
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:352

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads