084c722d5807ff9624ed07e5eec95326ed46f58e35772882c94561e53b32c013

Analysis

max time kernel
11026s
max time network
133s
platform
debian-9_armhf
resource
debian9-armhf-20221111-en
resource tags

arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
19-03-2023 08:22

Target

b54ce075be65da6c9eec89e607d6fc56.elf
Size

165KB
MD5

b54ce075be65da6c9eec89e607d6fc56
SHA1

ece8cb19db726a9a5683332e098c7095661e6155
SHA256

084c722d5807ff9624ed07e5eec95326ed46f58e35772882c94561e53b32c013
SHA512

0c47b03472b0e8b3ebf171d2df39b66a8496e316dd40afc3dc668d3c67e785de722022297da3f325430a6f229c12299a8a21d76fba3156d3c41c037c7206e7b6
SSDEEP

3072:JG/rmPd3pGeQj+UcH1rkr8AawXFBD0chCmlmkgDY345hAsPN7xM/9/FECmQw9B1t:9H1rk4AawXFBYchX9gDx5hAsPNtM/9dU

Score

8^/10

Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.

Dynamic Resolution
T1568

Processes:

description ioc

/etc/resolv.conf /etc/resolv.conf

description	ioc
/etc/resolv.conf	/etc/resolv.conf

/tmp/b54ce075be65da6c9eec89e607d6fc56.elf
/tmp/b54ce075be65da6c9eec89e607d6fc56.elf
1⤵
PID:367

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact