Analysis
max time kernel: 8231s
max time network: 149s
platform: debian-9_armhf
resource: debian9-armhf-20221111-en
resource tags: arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 15-02-2023 00:10
Behavioral task
behavioral1
Sample
cdecbcae9b78ca9e0db7527052acd4b8.elf
Resource
debian9-armhf-20221111-en
debian-9-armhf
2 signatures
150 seconds
General
Target: cdecbcae9b78ca9e0db7527052acd4b8.elf
Size: 116KB
MD5: cdecbcae9b78ca9e0db7527052acd4b8
SHA1: 242658e94bdb6c26f92afdf8a5e79e3a93868a4c
SHA256: 95d2d31664236e69c8ee4402a011d621f3bea08ee0aebf7c0a388f30e81e3824
SHA512: dbf98603c680f104215646b7e17a64c4de3b1b61373893aa0c0dc5cb1a790a78e2c50bc2c27f0a3e702637e764f30a5819b98e06505889c81dc8544bd881229f
SSDEEP: 3072:idwracAAviNmLpMQ1xE5hKHKSrbqlAdmyDQUJ1UX4Tn:SwraFgikxE5hKHKnlAdmyDQUJ1a4Tn
Score: 7/10
Malware Config
Signatures
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
cdecbcae9b78ca9e0db7527052acd4b8.elf
description | ioc | process
/proc/net/route | /proc/net/route | cdecbcae9b78ca9e0db7527052acd4b8.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
cdecbcae9b78ca9e0db7527052acd4b8.elf
description | ioc | process
/proc/net/route | /proc/net/route | cdecbcae9b78ca9e0db7527052acd4b8.elf