5cf130eeb971c0204909b2fb9e72b10a9e72d57bf4bb73f2a3dd555055f7edb5

Analysis

max time kernel
0s
max time network
144s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
16-03-2023 07:33

Target

82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf
Size

156KB
MD5

e045b5a27c9cf5bca10631656edcd8f6
SHA1

b5e49a3f2aa1abe838ea8a6f868fb100f2318860
SHA256

82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af
SHA512

9560d21dec746c608f9c1577b5c43f433f1da68f666d1ba62a4144b13ec4cdba6d7bf00ea122259dca076593d212c52383a9b9ecdef92d6ea679f1487309f76e
SSDEEP

3072:T1g2/6INNlzx2kkQCMOaQcvB6YnyLRM/9q3tmFwfBxKQodn:hg2lNNlzIkk/MOa/wYnydM/9MmFwfBxE

Score

7^/10

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf

description ioc process

/proc/net/route /proc/net/route 82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf

description ioc process

/proc/net/route /proc/net/route 82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf

description	ioc	process
/proc/net/route	/proc/net/route	82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf

description	ioc	process
/proc/net/route	/proc/net/route	82d1e8b4d0007b51518cfb47693c6fb16d30724029c5789aaf9f666b61a6c2af.elf

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact