1de8182cf04e8dcbf324ce477a9bba0ad5c72162f82a48a5942ec8d060c85517 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

e71b7559af...32.elf

debian-9-armhf

7

Sharing

General

Target

e71b7559af90ba233e230064e7e3dc32.elf
Size

85KB
Sample

230504-kr54dsda5z
MD5

e71b7559af90ba233e230064e7e3dc32
SHA1

19db20a847b9ced79857d34f71acb20196c195c6
SHA256

1de8182cf04e8dcbf324ce477a9bba0ad5c72162f82a48a5942ec8d060c85517
SHA512

e1a85d9af4e6b195e130cbddd5165ff508e0dfa1acac7a7a71492246f09e276735c8610aac2be2b6c4a4dab812eea4400ab5d21e135c17d764d6ee4653c3ff8f
SSDEEP

1536:HUn7/fgAKGKVKZKMK/KiiDUdo9Qj4H+SaaZCjnMSzdl9uir+XP8BY79d8:gjKGKVKZKMK/KiiD39Qj4+SaaZCjn37b

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

e71b7559af90ba233e230064e7e3dc32.elf

Resource

debian9-armhf-20221111-en

debian-9-armhf

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  e71b7559af90ba233e230064e7e3dc32.elf
- Size
  
  85KB
- MD5
  
  e71b7559af90ba233e230064e7e3dc32
- SHA1
  
  19db20a847b9ced79857d34f71acb20196c195c6
- SHA256
  
  1de8182cf04e8dcbf324ce477a9bba0ad5c72162f82a48a5942ec8d060c85517
- SHA512
  
  e1a85d9af4e6b195e130cbddd5165ff508e0dfa1acac7a7a71492246f09e276735c8610aac2be2b6c4a4dab812eea4400ab5d21e135c17d764d6ee4653c3ff8f
- SSDEEP
  
  1536:HUn7/fgAKGKVKZKMK/KiiDUdo9Qj4H+SaaZCjnMSzdl9uir+XP8BY79d8:gjKGKVKZKMK/KiiD39Qj4+SaaZCjn37b
Score

7^/10
- Changes its process name
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy