Analysis
-
max time kernel
10975s -
max time network
152s -
platform
debian-9_armhf -
resource
debian9-armhf-20221111-en -
resource tags
-
submitted
18-03-2023 18:15
General
-
Target
85d069d13b8231601abaf49d332bfced.elf
-
Size
108KB
-
MD5
85d069d13b8231601abaf49d332bfced
-
SHA1
7ea91875a46cc76c9533e9e20236013bd329f023
-
SHA256
620687f003fa402100896ef4149d2b19f98bfd83e5b5442165202391e727f6d0
-
SHA512
655f09a22f3ea7d9057b95454fbfae9b2e6817dea6de7137163b2c64425114bb8c942b71cf8f3bda4130088b442fdef74155c5de355accf5a889a3edf7bd82c8
-
SSDEEP
3072:b6an17WtsWhdgYJL0D6mbPbmTQOWsXAOn:Wan17WPJL0D6ibmTQOWCAOn
Score
7/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/85d069d13b8231601abaf49d332bfced.elf/tmp/85d069d13b8231601abaf49d332bfced.elf1⤵
- Reads system routing table
- Reads system network configuration