Analysis
max time kernel
30998s
max time network
153s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags
arch:armhf image:debian9-armhf-en-20211208 kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
submitted
30-11-2022 14:00
Behavioral task
behavioral1
Sample
3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794
Resource
debian9-armhf-en-20211208
debian-9-armhf
2 signatures
150 seconds
General
Target
3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794
Size
129KB
MD5
65fc93d5eea27ee9502c75167062af78
SHA1
7bbd5b05e3104085d59d0fa0341cba2dd30f1b5d
SHA256
3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794
SHA512
1bf26264cc91c33bf6a24b21a4d19f92e6ee63a67970c97adde39f09c925b76997c68667cc67be8d12ca11a1af6f54e6e1812d4241e6c5534dad7f782915c49a
SSDEEP
3072:RduNfaKDW7OKZpzRHRnYKn+h/8gWI9L/XqnPjmWQ9AKXNY8:TuNfaV7OUn+h/VSjmWQ9A8NY8
Score
7/10
Malware Config
Signatures
Reads system routing table (1 TTPs, 1 IoCs)
Gets active network interfaces from /proc virtual filesystem.
Processes:
3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794
description | ioc | process
/proc/net/route | /proc/net/route | 3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794
Reads system network configuration (1 TTPs, 1 IoCs)
Uses contents of /proc filesystem to enumerate network settings.
Processes:
3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794
description | ioc | process
/proc/net/route | /proc/net/route | 3d2d9ae3ce95a17c1224c3e5143e4b2e06df3a03ee37f8664dfacc081d742794