Analysis
-
max time kernel
0s -
max time network
126s -
platform
linux_armhf -
resource
debian9-armhf-en-20211208 -
resource tags
arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem -
submitted
08-03-2023 09:25
Behavioral task
behavioral1
Sample
4ccc9bdc78e60f4137e234b478c98392.elf
Resource
debian9-armhf-en-20211208
debian-9-armhf
2 signatures
150 seconds
General
-
Target
4ccc9bdc78e60f4137e234b478c98392.elf
-
Size
152KB
-
MD5
4ccc9bdc78e60f4137e234b478c98392
-
SHA1
9210b8f7d8da1febd4cda5781429a2da3319fa80
-
SHA256
5d9838ee8ebc9be6a37428f3b4fb4075a0e5869a773656ff8f72916909b67d09
-
SHA512
b5678b20cf819573fcf14d004a3557dfb45c19af3bb097887884d3a3ae32fcbcf5e0f5bd4e40e91f125aa2820b24c39ff5f6a466bd1a772ebcdb3907130776a4
-
SSDEEP
3072:tdntU2haO5H1XacBoGmh9H5q5hDiGRvEM/9f9T637m5wTsL/Qpyn:ntVhaO5H1qEc9Hw5hDiGRcM/9l+7m5wS
Score
7/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
4ccc9bdc78e60f4137e234b478c98392.elfdescription ioc process /proc/net/route /proc/net/route 4ccc9bdc78e60f4137e234b478c98392.elf -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
4ccc9bdc78e60f4137e234b478c98392.elfdescription ioc process /proc/net/route /proc/net/route 4ccc9bdc78e60f4137e234b478c98392.elf