General

  • Target

    ebd7b3a6ca5c0b08d34402fee0f4902d.elf

  • Size

    196KB

  • Sample

    230509-yvzbxafh5x

  • MD5

    ebd7b3a6ca5c0b08d34402fee0f4902d

  • SHA1

    d276e694046339123e4e1f0ca1458281a3919558

  • SHA256

    2273ef203aebcca4f6f660716acc47ff5def38ba85f790c84381f04e1212b5aa

  • SHA512

    760f0b585ad16bc744fe3c5de61c9c29350b3d3d2d6594748f2c4efbf69aa37d2bc5281582bfc92aec69cf5c6d6b84b9b63bb94c0d0dd14e13308109ef43a10f

  • SSDEEP

    6144:XEBboLikKa1wYuChjHZtlf2xP8CM/9JpuGrmDaTmD5r:wcmDa1wYu6j5vu+L/LpVrmDaTmD5r

Score
9/10

Targets

    • Contacts a large (35931) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
