Analysis

  • max time kernel
    0s
  • max time network
    126s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhf image:debian9-armhf-en-20211208 kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    08-03-2023 09:25

General

  • Target

    4ccc9bdc78e60f4137e234b478c98392.elf

  • Size

    152KB

  • MD5

    4ccc9bdc78e60f4137e234b478c98392

  • SHA1

    9210b8f7d8da1febd4cda5781429a2da3319fa80

  • SHA256

    5d9838ee8ebc9be6a37428f3b4fb4075a0e5869a773656ff8f72916909b67d09

  • SHA512

    b5678b20cf819573fcf14d004a3557dfb45c19af3bb097887884d3a3ae32fcbcf5e0f5bd4e40e91f125aa2820b24c39ff5f6a466bd1a772ebcdb3907130776a4

  • SSDEEP

    3072:tdntU2haO5H1XacBoGmh9H5q5hDiGRvEM/9f9T637m5wTsL/Qpyn:ntVhaO5H1qEc9Hw5hDiGRcM/9l+7m5wS

Score
7/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/4ccc9bdc78e60f4137e234b478c98392.elf
    /tmp/4ccc9bdc78e60f4137e234b478c98392.elf
    • Reads system routing table
    • Reads system network configuration
    PID:355

Network

MITRE ATT&CK Enterprise v6
