Overview

overview

10

Static

static

10

cf9449b87e...ef.elf

debian-9-armhf

7

Analysis

  • max time kernel
    40076s
  • max time network
    126s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    17-03-2023 13:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cf9449b87e248a5de2ceb1d132ba41ef.elf

  • Size

    118KB

  • MD5

    cf9449b87e248a5de2ceb1d132ba41ef

  • SHA1

    ce39010f9294c4ade41da070bbaaa6bb113c4a3f

  • SHA256

    b9b467605ccf746d4cc9858b30629b56d06b3b54b1a50948ce1d391676ed71bb

  • SHA512

    1e24e682dcf2ec8d779c8b8e8a53c4d8c5a8d72675126bc672ac6590499a90bc3082c0e1afcf158810201a0488d9f1f5ed84c9b7a333223cd5506a9d5886b0b2

  • SSDEEP

    3072:2kYP/3VQQnQbkZba4/VPkfDHENHt+mTQOY5NX3cn:FYP/3VQQ4YbaMkfD8N+mTQOY5R3cn

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/cf9449b87e248a5de2ceb1d132ba41ef.elf
    /tmp/cf9449b87e248a5de2ceb1d132ba41ef.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:355

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads