Analysis
max time kernel: 8407s
max time network: 153s
platform: debian-9_armhf
resource: debian9-armhf-20221111-en
resource tags: arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 17-02-2023 01:06
Behavioral task: behavioral1
Sample: a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf
Resource: debian9-armhf-20221111-en, debian-9-armhf
2 signatures
150 seconds
General
Target: a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf
Size: 116KB
MD5: 32f3a9c6d0521829ce491a807a254371
SHA1: d9b5bb81b6dc2549208e4c13b57f6f1cbf6b9571
SHA256: a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd
SHA512: 46de64198f79c94dc0e35bcaff56686ef1d9c7bc4819c977747736dbb3a954ba32cce7e612e3c0ecec6a24af498c946d49e3df1882121d4fdcac325471a22264
SSDEEP: 3072:idwracAAviNmLpMQ1xu5hKHKSrbqlAdmyDQUJ1UX4Tn:SwraFgikxu5hKHKnlAdmyDQUJ1a4Tn
Score: 7/10
Malware Config
Signatures
Reads system routing table (1 TTPs, 1 IoCs)
Gets active network interfaces from /proc virtual filesystem.
Processes:
a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf
description ioc process
/proc/net/route /proc/net/route a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf
Reads system network configuration (1 TTPs, 1 IoCs)
Uses contents of /proc filesystem to enumerate network settings.
Processes:
a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf
description ioc process
/proc/net/route /proc/net/route a87b3cd4cfa2dfa58d2f0c88d27c789aaf8e4ce6eb98bc0134304161c554b1bd.elf