Overview

overview

10

Static

static

10

8e18773545...b5.elf

debian-9-mipsel

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e187735456ca8d8906e408ca7d94ab5.elf

  • Size

    123KB

  • Sample

    221201-ajc3jagf92

  • MD5

    8e187735456ca8d8906e408ca7d94ab5

  • SHA1

    3d8321ab989a539d8dec11e2412ba84872a349f1

  • SHA256

    79dfb808118e2ccdc51ca7d93fffa392e05c0271e307a6159ae3ff427beb6aa4

  • SHA512

    fbb2759d3ee157451f098ea787c11df28e32d61830357d99cd4520fa82901ba2c1a52b9a963f08936c082f4651127ec0e63b105070decdf5e11ea64a11fd1405

  • SSDEEP

    1536:/UHeTxCAms/Y8Zm3lKYA43gMJwSkJ8Ep3+DzUh8rmW+IFB1Df11hR/:/UyLqAmgMJM8EF+Dw8rmW+IFB1Dt1hR/

Score
10/10
gafgytdiscovery

Malware Config

Targets

    • Target

      8e187735456ca8d8906e408ca7d94ab5.elf

    • Size

      123KB

    • MD5

      8e187735456ca8d8906e408ca7d94ab5

    • SHA1

      3d8321ab989a539d8dec11e2412ba84872a349f1

    • SHA256

      79dfb808118e2ccdc51ca7d93fffa392e05c0271e307a6159ae3ff427beb6aa4

    • SHA512

      fbb2759d3ee157451f098ea787c11df28e32d61830357d99cd4520fa82901ba2c1a52b9a963f08936c082f4651127ec0e63b105070decdf5e11ea64a11fd1405

    • SSDEEP

      1536:/UHeTxCAms/Y8Zm3lKYA43gMJwSkJ8Ep3+DzUh8rmW+IFB1Df11hR/:/UyLqAmgMJM8EF+Dw8rmW+IFB1Dt1hR/

    Score
    9/10
    discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

1
T1046

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks