100450f4ef5914547969e806dc14830d861216a2f4ba0c7b29216309826a39de

Analysis

max time kernel
0s
max time network
127s
platform
debian-9_armhf
resource
debian9-armhf-20221111-en
resource tags

arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
08-03-2023 09:26

Target

7feabca2dc9e6be1184391a9f3a8bd98.elf
Size

116KB
MD5

7feabca2dc9e6be1184391a9f3a8bd98
SHA1

77e428088331875f98f3c926757dd2324c1d2ac4
SHA256

100450f4ef5914547969e806dc14830d861216a2f4ba0c7b29216309826a39de
SHA512

659b0b12d5934b3a24a759211f59d5db44bec18bff50f26317f20962ea32576e10624ce4103fd83e1dd88c434131171e2ea60080d49192a3049995c26525432b
SSDEEP

3072:idwracAAviNmLpMQ1xe5hKHKSrbqlAdmyDQUJ1UX4Tn:SwraFgikxe5hKHKnlAdmyDQUJ1a4Tn

Score

7^/10

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

7feabca2dc9e6be1184391a9f3a8bd98.elf

description ioc process

/proc/net/route /proc/net/route 7feabca2dc9e6be1184391a9f3a8bd98.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

7feabca2dc9e6be1184391a9f3a8bd98.elf

description ioc process

/proc/net/route /proc/net/route 7feabca2dc9e6be1184391a9f3a8bd98.elf

description	ioc	process
/proc/net/route	/proc/net/route	7feabca2dc9e6be1184391a9f3a8bd98.elf

description	ioc	process
/proc/net/route	/proc/net/route	7feabca2dc9e6be1184391a9f3a8bd98.elf

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact