3b1e8562d6f0ebf979d6a959593d2729f1c82881f521da30a7c6fa03ba5bd9a3

Analysis

max time kernel
7545s
max time network
149s
platform
debian-9_armhf
resource
debian9-armhf-20221111-en
resource tags

arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
07-02-2023 01:19

Target

c0d680b917c09bfa05e78ba1032143fd.elf
Size

146KB
MD5

c0d680b917c09bfa05e78ba1032143fd
SHA1

605538c126f0a04f7dad1768d041db0e0b40bc85
SHA256

3b1e8562d6f0ebf979d6a959593d2729f1c82881f521da30a7c6fa03ba5bd9a3
SHA512

86941542d7f88c5a8389a1f207169e165e84cd775c9e1fff4a1a76b82397df59d8b3d29c78994b8b05a27ffcfe82dca7b20059d490a26238a9c21468fb152767
SSDEEP

3072:bjMM7NwA7VWxbZaXmpvh7q07IppH/Wf0sgURKXmQwfHcQrAN:3MM7NZ7QZZawp+07IppH/WoXmQwfHzrq

Score

7^/10

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

c0d680b917c09bfa05e78ba1032143fd.elf

description ioc process

/proc/net/route /proc/net/route c0d680b917c09bfa05e78ba1032143fd.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

c0d680b917c09bfa05e78ba1032143fd.elf

description ioc process

/proc/net/route /proc/net/route c0d680b917c09bfa05e78ba1032143fd.elf

description	ioc	process
/proc/net/route	/proc/net/route	c0d680b917c09bfa05e78ba1032143fd.elf

description	ioc	process
/proc/net/route	/proc/net/route	c0d680b917c09bfa05e78ba1032143fd.elf

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact