Analysis

  • max time kernel
    4983s
  • max time network
    151s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    08/01/2023, 09:50

General

  • Target

    dc1045129af82c21b61e9ef26b438a47.elf

  • Size

    48KB

  • MD5

    dc1045129af82c21b61e9ef26b438a47

  • SHA1

    ed6c00ac542d473f79629ff222ac811d725dee58

  • SHA256

    3df353bc7bf6cf4e58111f90ede1952ad692bef14c9b4444eabffd6708ad1896

  • SHA512

    4d5ab63b555e3ddc94a2caba2c50dea60cb5c30f630aa6bcd6605ca877131670d8bd160bfa8ca116b6967cc5c9696d4089e7c3c87705441692849f35eb7e01dd

  • SSDEEP

    768:RRIWV7bFcUcrt2QzNedCVsnf/8GkgCs6vto89cJ+qUwY/ktULlbPq3U7Z8mxNaO8:RmWV7mUcj76k55vt5hqg7bTKmzFZ7q

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/dc1045129af82c21b61e9ef26b438a47.elf
    /tmp/dc1045129af82c21b61e9ef26b438a47.elf
    • Reads system routing table
    • Reads system network configuration
    • Reads runtime system information
    PID:359

Network

MITRE ATT&CK Enterprise v6
