Overview

overview

10

Static

static

10

d3276cd112...9c.elf

debian-9-armhf

8

Analysis

  • max time kernel
    0s
  • max time network
    138s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19-03-2023 08:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3276cd1129708e068558a36729e3c9c.elf

  • Size

    127KB

  • MD5

    d3276cd1129708e068558a36729e3c9c

  • SHA1

    4c7f34e2bf36e77ff590fcbe81882aef6cb3f4c7

  • SHA256

    7414148e6b31d307ba05ffec5d97493771469329b604c93ff127c5af9b399d4a

  • SHA512

    63f6bd1e414ea0dcf0dbace243346e4589c846c8a3f8669e30270a42ea76bf43f814314950e7facab4fbb3c793a9568b02709ed2ca0dbbd517c911d59e7eb260

  • SSDEEP

    3072:1gfuySdhp0eQTrDUE8GDoeFafhxsWC0LlYKVh45hx7q5VFSLMmy/QsYJ0Yj/:wUE8GDDFafhxs4Va5hx7qPmy/QsYJ0Yb

Score
8/10

Malware Config

Signatures

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

Processes

  • /tmp/d3276cd1129708e068558a36729e3c9c.elf
    /tmp/d3276cd1129708e068558a36729e3c9c.elf
    1⤵
      PID:369

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Dynamic Resolution

    1
    T1568

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads