Analysis
-
max time kernel
10255s -
max time network
148s -
platform
debian-9_armhf -
resource
debian9-armhf-20221111-en -
resource tags
arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system -
submitted
10-03-2023 10:11
Behavioral task
behavioral1
Sample
02ad01cc3916b2c678dbe73ac2b497e2.elf
Resource
debian9-armhf-20221111-en
debian-9-armhf
2 signatures
150 seconds
General
-
Target
02ad01cc3916b2c678dbe73ac2b497e2.elf
-
Size
118KB
-
MD5
02ad01cc3916b2c678dbe73ac2b497e2
-
SHA1
6db36b1a3a6b1f529cbc47b3ef3df5b3ab7bad81
-
SHA256
a004cbdce66635dfdfa590a350ddf97fd31a65fe89aa872ebd454913682c0a7f
-
SHA512
5ff7903440542236d98d334f0ee4f5687dbaa83b918cc0f04acf60b0a6d5a3fe7672583811dfaf44bf58381c91fa7671fe00c21fbf7843759e6e2a7686483f54
-
SSDEEP
3072:ekYPUfsgnsb0J2ag/VfkkDN0dn+mTQOY5NX3cn:9YPUfsgEo2a0kkDy+mTQOY5R3cn
Score
7/10
Malware Config
Signatures
-
Reads system routing table (1 TTPs, 1 IoCs)
Gets active network interfaces from /proc virtual filesystem.
Processes:
02ad01cc3916b2c678dbe73ac2b497e2.elf
description: /proc/net/route
ioc: /proc/net/route
process: 02ad01cc3916b2c678dbe73ac2b497e2.elf
-
Reads system network configuration (1 TTPs, 1 IoCs)
Uses contents of /proc filesystem to enumerate network settings.
Processes:
02ad01cc3916b2c678dbe73ac2b497e2.elf
description: /proc/net/route
ioc: /proc/net/route
process: 02ad01cc3916b2c678dbe73ac2b497e2.elf