General
-
Target
e20ee477ebae66cedef727fcc055b4a3.elf
-
Size
156KB
-
Sample
221201-ajc3jagf87
-
MD5
e20ee477ebae66cedef727fcc055b4a3
-
SHA1
fc98f0d40ea82f0a5862cd80f3b5457833e40365
-
SHA256
275b2caccfc78a06b49d3bf44e13f996092666f63d9f478e8e2b38fb7b8d021f
-
SHA512
7886b5240e849ffc2bbf8a429ee827949e44c34e11cd74b09c8f348d16cca7476192e0955497ed9c7419ead96c45cbf1d3b3e7627fb37b83dab270a1b31cb354
-
SSDEEP
3072:T1g2/eINNlzx2kkQCMOaQcvBdYnyLRM/9q3tmFwfBxKQodn:hg2hNNlzIkk/MOa/DYnydM/9MmFwfBxE
Behavioral task
behavioral1
Sample
e20ee477ebae66cedef727fcc055b4a3.elf
Resource
debian9-armhf-en-20211208
Malware Config
Targets
-
-
Target
e20ee477ebae66cedef727fcc055b4a3.elf
-
Size
156KB
-
MD5
e20ee477ebae66cedef727fcc055b4a3
-
SHA1
fc98f0d40ea82f0a5862cd80f3b5457833e40365
-
SHA256
275b2caccfc78a06b49d3bf44e13f996092666f63d9f478e8e2b38fb7b8d021f
-
SHA512
7886b5240e849ffc2bbf8a429ee827949e44c34e11cd74b09c8f348d16cca7476192e0955497ed9c7419ead96c45cbf1d3b3e7627fb37b83dab270a1b31cb354
-
SSDEEP
3072:T1g2/eINNlzx2kkQCMOaQcvBdYnyLRM/9q3tmFwfBxKQodn:hg2hNNlzIkk/MOa/DYnydM/9MmFwfBxE
Score7/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-