f70266b1cd749a272ba8a13b9c9a28001bdbbc5b1a6c46df0274d72f4de3e5b3

Analysis

max time kernel
151s
max time network
154s
platform
debian-9_armhf
resource
debian9-armhf-20221125-en
resource tags

arch:armhfimage:debian9-armhf-20221125-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
07/07/2023, 15:58

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e2edcb8963ce18159a3c4ff987cfe65c.elf
Size

171KB
MD5

e2edcb8963ce18159a3c4ff987cfe65c
SHA1

1a027956026fbfd98d6f989f963aa6804ce24c6e
SHA256

f70266b1cd749a272ba8a13b9c9a28001bdbbc5b1a6c46df0274d72f4de3e5b3
SHA512

e9895c10c395d7fdc4ce0ae42a286cf6dc040465dbfb8b889566d01f3afe144bfa530e6f7fdbcf7afc7a890717a0ad49aeae2e1ac2d8f18ffe6e36dc83264429
SSDEEP

3072:0JYjP/LriAA5UDaP1u1CVAQpT6/FCIOEB2oRM/Rz5E:0JYXriZ+DaP1u1CO++CIOW/RM/Rq

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself		360	e2edcb8963ce18159a3c4ff987cfe65c.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/453/cmdline
File opened for reading	/proc/465/cmdline
File opened for reading	/proc/7/cmdline
File opened for reading	/proc/12/cmdline
File opened for reading	/proc/16/cmdline
File opened for reading	/proc/399/cmdline
File opened for reading	/proc/430/cmdline
File opened for reading	/proc/409/cmdline
File opened for reading	/proc/471/cmdline
File opened for reading	/proc/8/cmdline
File opened for reading	/proc/15/cmdline
File opened for reading	/proc/142/cmdline
File opened for reading	/proc/359/cmdline
File opened for reading	/proc/383/cmdline
File opened for reading	/proc/18/cmdline
File opened for reading	/proc/372/cmdline
File opened for reading	/proc/398/cmdline
File opened for reading	/proc/410/cmdline
File opened for reading	/proc/478/cmdline
File opened for reading	/proc/390/cmdline
File opened for reading	/proc/402/cmdline
File opened for reading	/proc/405/cmdline
File opened for reading	/proc/482/cmdline
File opened for reading	/proc/457/cmdline
File opened for reading	/proc/458/cmdline
File opened for reading	/proc/3/cmdline
File opened for reading	/proc/307/cmdline
File opened for reading	/proc/365/cmdline
File opened for reading	/proc/394/cmdline
File opened for reading	/proc/427/cmdline
File opened for reading	/proc/421/cmdline
File opened for reading	/proc/425/cmdline
File opened for reading	/proc/477/cmdline
File opened for reading	/proc/22/cmdline
File opened for reading	/proc/162/cmdline
File opened for reading	/proc/391/cmdline
File opened for reading	/proc/401/cmdline
File opened for reading	/proc/408/cmdline
File opened for reading	/proc/459/cmdline
File opened for reading	/proc/41/cmdline
File opened for reading	/proc/283/cmdline
File opened for reading	/proc/369/cmdline
File opened for reading	/proc/387/cmdline
File opened for reading	/proc/406/cmdline
File opened for reading	/proc/361/cmdline
File opened for reading	/proc/413/cmdline
File opened for reading	/proc/422/cmdline
File opened for reading	/proc/467/cmdline
File opened for reading	/proc/397/cmdline
File opened for reading	/proc/417/cmdline
File opened for reading	/proc/449/cmdline
File opened for reading	/proc/461/cmdline
File opened for reading	/proc/476/cmdline
File opened for reading	/proc/455/cmdline
File opened for reading	/proc/355/cmdline
File opened for reading	/proc/362/cmdline
File opened for reading	/proc/375/cmdline
File opened for reading	/proc/388/cmdline
File opened for reading	/proc/435/cmdline
File opened for reading	/proc/468/cmdline
File opened for reading	/proc/20/cmdline
File opened for reading	/proc/42/cmdline
File opened for reading	/proc/349/cmdline
File opened for reading	/proc/377/cmdline

/tmp/e2edcb8963ce18159a3c4ff987cfe65c.elf
/tmp/e2edcb8963ce18159a3c4ff987cfe65c.elf
1⤵
- Changes its process name
PID:360

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads