Analysis

  • max time kernel
    8231s
  • max time network
    149s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    15-02-2023 00:10

General

  • Target

    cdecbcae9b78ca9e0db7527052acd4b8.elf

  • Size

    116KB

  • MD5

    cdecbcae9b78ca9e0db7527052acd4b8

  • SHA1

    242658e94bdb6c26f92afdf8a5e79e3a93868a4c

  • SHA256

    95d2d31664236e69c8ee4402a011d621f3bea08ee0aebf7c0a388f30e81e3824

  • SHA512

    dbf98603c680f104215646b7e17a64c4de3b1b61373893aa0c0dc5cb1a790a78e2c50bc2c27f0a3e702637e764f30a5819b98e06505889c81dc8544bd881229f

  • SSDEEP

    3072:idwracAAviNmLpMQ1xE5hKHKSrbqlAdmyDQUJ1UX4Tn:SwraFgikxE5hKHKnlAdmyDQUJ1a4Tn

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/cdecbcae9b78ca9e0db7527052acd4b8.elf
    /tmp/cdecbcae9b78ca9e0db7527052acd4b8.elf
    • Reads system routing table
    • Reads system network configuration
    PID:349

Network

MITRE ATT&CK Enterprise v6
