Analysis
-
max time kernel
8407s -
max time network
153s -
platform
debian-9_armhf -
resource
debian9-armhf-20221111-en -
resource tags
-
submitted
17-02-2023 01:06
General
-
Target
a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf
-
Size
116KB
-
MD5
32f3a9c6d0521829ce491a807a254371
-
SHA1
d9b5bb81b6dc2549208e4c13b57f6f1cbf6b9571
-
SHA256
a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd
-
SHA512
46de64198f79c94dc0e35bcaff56686ef1d9c7bc4819c977747736dbb3a954ba32cce7e612e3c0ecec6a24af498c946d49e3df1882121d4fdcac325471a22264
-
SSDEEP
3072:idwracAAviNmLpMQ1xu5hKHKSrbqlAdmyDQUJ1UX4Tn:SwraFgikxu5hKHKnlAdmyDQUJ1a4Tn
Score
7/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf/tmp/a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf1⤵
- Reads system routing table
- Reads system network configuration