Analysis
max time kernel
4s
max time network
126s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags
arch:armhf image:debian9-armhf-en-20211208 kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
submitted
10-06-2023 19:07
Static task
static1
Behavioral task
behavioral1
Sample
signMagisTV_YT-TEIN.apk
Resource
android-x86-arm-20220823-en
Behavioral task
behavioral2
Sample
gomediad.so
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral3
Sample
httping
Resource
debian9-armhf-20221111-en
Behavioral task
behavioral4
Sample
test1.html
Resource
win7-20230220-en
Behavioral task
behavioral5
Sample
test1.html
Resource
win10v2004-20230220-en
General
Target
gomediad.so
Size
2.4MB
MD5
db584da77485bc0787aaa9860af5518e
SHA1
94c0ffe712ca1f5fe073195b5e915ac869eef216
SHA256
aa419c5c4239185ed32113da20acdf2de50ded950634cfd11a8c3be9078fb772
SHA512
6e131fdc8d3d47fdc8caedff75e912e3e8be517be898dd4ad47cabfed3a42b3831806107089893728cf33f248915e9b373037dbfdbc980699d54c9a8949b5b7e
SSDEEP
49152:tui76TDnB+j8WWeZiDo8NW0pK5SSmE5A6j5sjVWOA:aTDn8z1OPK5f5ZFqWOA
Malware Config
Signatures
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
gomediad.so
description
File opened for reading
ioc
/proc/self/exe
process
gomediad.so