Analysis

  • max time kernel
    0s
  • max time network
    127s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    07-02-2023 01:28

General

  • Target

    f139a2fe43f6ca2a27a35ae2df42e4f3.elf

  • Size

    121KB

  • MD5

    f139a2fe43f6ca2a27a35ae2df42e4f3

  • SHA1

    29d652ce79d899c8b1b760ce206f1e009b8386b0

  • SHA256

    7d281a42e7f68db991844932a035175b295894228ece8649730271d591ed72fc

  • SHA512

    0e9ac323c130ffead9e39a269f576a639ea4b0d2ad3f5b14a42bcf90406d23ffa605a4505e7c325513f3d6fcaae0a33cb48e2feb357128652043c4536739766f

  • SSDEEP

    3072:0NJf9avjj1UxcYAEaY5h9s6tlgqmEQ92tX8Q8:49avjjSaY5h9s6gqmEQ92x8Q8

Score
7/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/f139a2fe43f6ca2a27a35ae2df42e4f3.elf
    • Reads system routing table
    • Reads system network configuration
    PID:348

Network

MITRE ATT&CK Enterprise v6
