Overview

overview

10

Static

static

10

2a7987a3bd...7e.elf

debian-9-armhf

7

Analysis

  • max time kernel
    0s
  • max time network
    126s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    16-02-2023 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a7987a3bda5d7044eb212e2470a807e.elf

  • Size

    152KB

  • MD5

    2a7987a3bda5d7044eb212e2470a807e

  • SHA1

    914170e9f55bd459e08b2c11dcb91f070097dc16

  • SHA256

    bcdad12827348783db1f4b94c3808143272410ca289c2d611410811deda8e416

  • SHA512

    e4d4bdec9a1f7fe5d0ef42870262eb59eabc5ffb080c3fcbc602e88124b9abe5510bbf698e6e2c6a45587d36e447e30f1395e24863de270d5b42454ecfadbf54

  • SSDEEP

    3072:MhL17g6Cy++t/8teEyZ0YeVae1KJZYjlyXZ1Y6AgPculGmyOEQrCUEGT:aqyZneVae1KNZ1SgPFGmyOEQrCUEGT

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/2a7987a3bda5d7044eb212e2470a807e.elf
    /tmp/2a7987a3bda5d7044eb212e2470a807e.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:355

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads