General
-
Target
789eb5434280fb0c10bbe3d89536754d.elf
-
Size
138KB
-
Sample
230215-amsmdsha97
-
MD5
789eb5434280fb0c10bbe3d89536754d
-
SHA1
1a5f3d3a625789f95e4e35a11b64859870c97afe
-
SHA256
f8158b2713f0c188a5e225f9133bbfa45440146dfa207dd07e0383e822ea812c
-
SHA512
985fa3026e6be105ece1a690f08f7bde68ec8ddc9ce81e910990273e02e9f9528b1033d4fa868a67ba269b2fa709d101e9723334099424a131f1e2fcb897433f
-
SSDEEP
3072:1hEdC1wadWINYgKWf7kHAp02MZ/J2d6z81ozF6GjmrQ9YJrXFT2:1h46wacoYgy2MZ/HZjmrQ9YJbFT2
Behavioral task
behavioral1
Sample
789eb5434280fb0c10bbe3d89536754d.elf
Resource
debian9-armhf-en-20211208
Malware Config
Targets
Score
9/10
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-