5da485cbb0fa84a6e0eaf314259ffd3382b1befb90a98bbef639a2e7487303af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

arm6.elf
Size

78KB
Sample

231004-rt43faed65
MD5

c7c8424b3241464e51bdaf531d55a70c
SHA1

02706e51b9d9bb3daa8e72529d0264b74dff9326
SHA256

5da485cbb0fa84a6e0eaf314259ffd3382b1befb90a98bbef639a2e7487303af
SHA512

50beee59c7a95edb983e0d7f9dd9719592febac49daffa0226671c01992f065a20cb84b9090c33a5bde3397ef6fb1fd9a09307725736926f5b785cfdca6e63a9
SSDEEP

1536:sinN9qwFhHPxWX7QFNqzSazp8CmS7wF+PE2eFCV9lVWiDJdlgWnwbZnA:/sevxWX74MSazp6S7wF+PE2ewLJdlvnZ

Score

7^/10

Malware Config

Targets

- Target
  
  arm6.elf
- Size
  
  78KB
- MD5
  
  c7c8424b3241464e51bdaf531d55a70c
- SHA1
  
  02706e51b9d9bb3daa8e72529d0264b74dff9326
- SHA256
  
  5da485cbb0fa84a6e0eaf314259ffd3382b1befb90a98bbef639a2e7487303af
- SHA512
  
  50beee59c7a95edb983e0d7f9dd9719592febac49daffa0226671c01992f065a20cb84b9090c33a5bde3397ef6fb1fd9a09307725736926f5b785cfdca6e63a9
- SSDEEP
  
  1536:sinN9qwFhHPxWX7QFNqzSazp8CmS7wF+PE2eFCV9lVWiDJdlgWnwbZnA:/sevxWX74MSazp6S7wF+PE2ewLJdlvnZ
Score

7^/10
- Changes its process name
- Deletes itself
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1