03686d2e092a648fe7b22771d4c46cc1e213396a1f928b386077bc77b4575ff8

Analysis

max time kernel
10870s
max time network
124s
platform
debian-9_mips
resource
debian9-mipsbe-20221111-en
resource tags

arch:mipsimage:debian9-mipsbe-20221111-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
17-03-2023 13:21

Target

6d11e63c5bdca50f7183f73b259a1f3e.elf
Size

122KB
MD5

6d11e63c5bdca50f7183f73b259a1f3e
SHA1

c1c867cb314cc75380d485da400f7c92e40b234a
SHA256

03686d2e092a648fe7b22771d4c46cc1e213396a1f928b386077bc77b4575ff8
SHA512

0c5359c48e2b731d2c1f18e8a8adda8d0357cfe0b653ec91233b224bc58577640d90a865a9fdaa7340659f17cfc94bf01d0fdfc84f0f91b00a5e6e71bc022e47
SSDEEP

3072:q6aBQjUWKVnJe6Jcmf2rmW+IFB1Dt1hR/:zFj6VJ1cFrmW+IFB1Dt1hR/

Score

7^/10

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

6d11e63c5bdca50f7183f73b259a1f3e.elf

description ioc process

/proc/net/route /proc/net/route 6d11e63c5bdca50f7183f73b259a1f3e.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

6d11e63c5bdca50f7183f73b259a1f3e.elf

description ioc process

/proc/net/route /proc/net/route 6d11e63c5bdca50f7183f73b259a1f3e.elf

description	ioc	process
/proc/net/route	/proc/net/route	6d11e63c5bdca50f7183f73b259a1f3e.elf

description	ioc	process
/proc/net/route	/proc/net/route	6d11e63c5bdca50f7183f73b259a1f3e.elf

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact