333af238289f204e6cec2f9ad8ace54bcd5150d0e487f258ed65d9123e9e3dcf

Analysis

max time kernel
10939s
max time network
102s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20221111-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
18-03-2023 08:52

Target

x-8.6-.SNOOPY.elf
Size

83KB
MD5

8403d8d1e894171e578123a1b290cef1
SHA1

412edc334a8bad5fc774682103d7674c7f953d87
SHA256

333af238289f204e6cec2f9ad8ace54bcd5150d0e487f258ed65d9123e9e3dcf
SHA512

7188b40c291ca02bcfdfffb0438f1af13f3215db7c6576f33471ef03612a6232489b36dcd968b775f5d9a8850f690d254d786849d9006310955574f4bd51c24f
SSDEEP

1536:UB7crF7FePF5tZuEqdPUq0aJb9sqx3CjrM3XouWIr8UmoIYuOVje+ZNne:URQFet5O7dPr0oSwyjr4XouDnmrYuOVA

Score

7^/10

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

x-8.6-.SNOOPY.elf

description ioc process

/proc/net/route /proc/net/route x-8.6-.SNOOPY.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

x-8.6-.SNOOPY.elf

description ioc process

/proc/net/route /proc/net/route x-8.6-.SNOOPY.elf

description	ioc	process
/proc/net/route	/proc/net/route	x-8.6-.SNOOPY.elf

description	ioc	process
/proc/net/route	/proc/net/route	x-8.6-.SNOOPY.elf

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact