5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c.elf
Size

42KB
Sample

231112-wtvwzsab2x
MD5

512ac489018682f7f53630ccce948f49
SHA1

a9bdb75d84d069777c368f62fbcff801c2d4fe36
SHA256

5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c
SHA512

e83367955196eae69bb712360268d905513a3acac66ed63d18b9a70cd3294d109d2fa7334401fd9d118aa99e42f525b1ba4c2548b68d1b9eeabb9032e93c3687
SSDEEP

768:AlRou1vPOMrv/Ffi3C6wkGgqhPSIRc+LBWRtHKFCg5kaqvnteu9M:A739ViLwkYPHcdvg5VqfU

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c.elf
- Size
  
  42KB
- MD5
  
  512ac489018682f7f53630ccce948f49
- SHA1
  
  a9bdb75d84d069777c368f62fbcff801c2d4fe36
- SHA256
  
  5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c
- SHA512
  
  e83367955196eae69bb712360268d905513a3acac66ed63d18b9a70cd3294d109d2fa7334401fd9d118aa99e42f525b1ba4c2548b68d1b9eeabb9032e93c3687
- SSDEEP
  
  768:AlRou1vPOMrv/Ffi3C6wkGgqhPSIRc+LBWRtHKFCg5kaqvnteu9M:A739ViLwkYPHcdvg5VqfU
Score

7^/10
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1