Overview

overview

10

Static

static

10

acd6a281ed...ee.elf

debian-9-mips

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    37bb2d03feef8a30962b7faa0fedbcab.bin

  • Size

    42KB

  • Sample

    230217-bkq68acf2z

  • MD5

    679753a82286041e68cc4b59021af8e6

  • SHA1

    b7bc53b632e8eb5e6ce1480a579f6e75d6bdd65a

  • SHA256

    39f795be1a642c10762c110d77d21fd9309dc7df6a59c4e1076b30c5abbbb849

  • SHA512

    26ff1e02ad514c7d0b628d022ae72b5d53bce7e860b9e783141aecf0a4e9beab0c558a21b808d44a7c9ccc28aa630e174ac6ce2ca902ee6c4e7c22362d09220c

  • SSDEEP

    768:QGMimM4PrSozSf7sAlmpH5BVkIpyY9BF+KKvyRC8Fx/P/sIiSrdri49IT0:QrDJrSozSf7sAopZyYfF+KY0xfsI1FIo

Score
10/10
gafgytdiscovery

Malware Config

Targets

    • Target

      acd6a281ed7d815ecb4cd6f2b7895991448348dedeed2fe0dd59bc8909c4f5ee.elf

    • Size

      113KB

    • MD5

      37bb2d03feef8a30962b7faa0fedbcab

    • SHA1

      660610d3c3086621181501c532911d8c01f9c1b7

    • SHA256

      acd6a281ed7d815ecb4cd6f2b7895991448348dedeed2fe0dd59bc8909c4f5ee

    • SHA512

      5dc8156025268c476c8164b32e8247205b557b4e8c6a847de599813fe9c95ee8bc3016230e9ad454b684f4c5a3186146e5ac9f1c7f483b80d1686df448220dc1

    • SSDEEP

      3072:C/4g3Kd1rG5hZmxgA9OKdwwjF9GhsR1Ae:O9anG5hZLHKdwwjF9GhsR1Ae

    Score
    7/10
    discovery

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks