Analysis
-
max time kernel
12363s -
max time network
152s -
platform
debian-9_armhf -
resource
debian9-armhf-20221111-en -
resource tags
arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system -
submitted
03-04-2023 19:50
Behavioral task
behavioral1
Sample
a5103b93e58f2e0ec580d287a2dd1296.elf
Resource
debian9-armhf-20221111-en
debian-9-armhf
2 signatures
150 seconds
General
-
Target
a5103b93e58f2e0ec580d287a2dd1296.elf
-
Size
128KB
-
MD5
a5103b93e58f2e0ec580d287a2dd1296
-
SHA1
ef57fef10db2ce5e3c01d229605f1bc598f9443a
-
SHA256
e3361c3ce034078210be01c26d17bb402f0dab3d757b3213697130e59c38f66d
-
SHA512
10a5ab7dab0b9f2f126ce164a23133de6c9839fcfd3e148e545ffc204407c2913f778c3611b5ad2d0c2a7a2f3cba3c14461199019eb45e8f43e7eb4adbfb8325
-
SSDEEP
3072:kqIrn/ErhTaC/DFUPDFf8DIX+mTQOYkNX3Mn:kqIrsdTa6UPDFEUX+mTQOYkR3Mn
Score
7/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
a5103b93e58f2e0ec580d287a2dd1296.elf
description ioc process
/proc/net/route /proc/net/route a5103b93e58f2e0ec580d287a2dd1296.elf
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
a5103b93e58f2e0ec580d287a2dd1296.elf
description ioc process
/proc/net/route /proc/net/route a5103b93e58f2e0ec580d287a2dd1296.elf