Analysis

  • max time kernel
    40076s
  • max time network
    124s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhf image:debian9-armhf-en-20211208 kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    17-03-2023 13:22

General

  • Target

    6a8557599a13b54e2d935b537eeee079.elf

  • Size

    156KB

  • MD5

    6a8557599a13b54e2d935b537eeee079

  • SHA1

    3aea423203258cff42ce13370d777cb94b0d5c19

  • SHA256

    c8650407f54f0719d70374aa2774331379f4dad9abded332c7906cdc5435a2b6

  • SHA512

    c2a8051cdf7347dac6ec6709fb2f5fad34ebddcbc55a8e4e1b7ffef8c77da072a7d9833d615945108f3de1ac3d249b959925794d8be8adc1e7a95cc48483ae05

  • SSDEEP

    3072:A1g2SIDdVTj6Q4VK5iaAE/xgBnyLRM/9iRmFwfBxKQodn:Wg2FDdVTOQ4s5iaX6BnydM/9ymFwfBxE

Score
7/10

Malware Config

Signatures

  • Reads system routing table (1 TTP, 1 IoC)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTP, 1 IoC)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/6a8557599a13b54e2d935b537eeee079.elf
    /tmp/6a8557599a13b54e2d935b537eeee079.elf
    • Reads system routing table
    • Reads system network configuration
    PID:351

Network

MITRE ATT&CK Enterprise v6
