6962e12d14559a5c5da7166c0eacccf280c42549bdb9a40b7fd59875e3fe35f3

Analysis

max time kernel
0s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
08-03-2023 09:26

Target

f084404598a9be5854b7eec64bfdbf20.elf
Size

91KB
MD5

f084404598a9be5854b7eec64bfdbf20
SHA1

d4a8c91f602a65725271cda5863043cd28d838e8
SHA256

6962e12d14559a5c5da7166c0eacccf280c42549bdb9a40b7fd59875e3fe35f3
SHA512

0c09b30954d067b21299e6ceef46bd4ca0572df4854c6f9f2af8718804a7e7245ebbac851b5e30ca779bdd848c4fd88438773e7fba36a90fa1e7a171396a7108
SSDEEP

1536:p7rHXokXsWFVSzkfLEkZAT5ipG5v3iphauH/vPNlDDUg6I9um2Xj5YZb0e:pcCPOkfQfNipGdiphaE/9Vog99um2XFY

Score

7^/10

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

f084404598a9be5854b7eec64bfdbf20.elf

description ioc process

/proc/net/route /proc/net/route f084404598a9be5854b7eec64bfdbf20.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

f084404598a9be5854b7eec64bfdbf20.elf

description ioc process

/proc/net/route /proc/net/route f084404598a9be5854b7eec64bfdbf20.elf

description	ioc	process
/proc/net/route	/proc/net/route	f084404598a9be5854b7eec64bfdbf20.elf

description	ioc	process
/proc/net/route	/proc/net/route	f084404598a9be5854b7eec64bfdbf20.elf

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact