Analysis
max time kernel
0s
max time network
127s
platform
debian-9_armhf
resource
debian9-armhf-20221111-en
resource tags
arch:armhf image:debian9-armhf-20221111-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
submitted
09-02-2023 00:28
Behavioral task
behavioral1
Sample
66d4ac8af86caeb43daf77d5d4f01ed5.elf
Resource
debian9-armhf-20221111-en
debian-9-armhf
2 signatures
150 seconds
General
Target
66d4ac8af86caeb43daf77d5d4f01ed5.elf
Size
157KB
MD5
66d4ac8af86caeb43daf77d5d4f01ed5
SHA1
c8c06e1bc3000ebf5011215917dd90fe537b6a78
SHA256
6809cd3097cafa2c01e393b03098ef771ce6f096318c0bc7c6c8618595e6ddb6
SHA512
5e8f4b6f436806f294eb8592664515718db43a89fc47b6e0b20965e76c5e973f71a7e07c8db81411add11a84d7d85331dbf5561b496d0e318391a35587a7ce77
SSDEEP
3072:Bi3eg/SaaOfhANbakAslSo9unH5EM/9xEZomgwZBxPQgVa:xg/SatfmNbaEz9unHqM/92omgwZBxIgs
Score
7/10
Malware Config
Signatures
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
66d4ac8af86caeb43daf77d5d4f01ed5.elf
description ioc process
/proc/net/route /proc/net/route 66d4ac8af86caeb43daf77d5d4f01ed5.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
66d4ac8af86caeb43daf77d5d4f01ed5.elf
description ioc process
/proc/net/route /proc/net/route 66d4ac8af86caeb43daf77d5d4f01ed5.elf