Analysis

  • max time kernel
    127s
  • max time network
    132s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhf, image:debian9-armhf-20231215-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    19/12/2023, 23:15

General

  • Target

    53a69bf55a7d422711860e44cda13ac4

  • Size

    160KB

  • MD5

    53a69bf55a7d422711860e44cda13ac4

  • SHA1

    c1a821bc6b255b24110e0dc0740d15ce3f6c6c4b

  • SHA256

    8966965fd6d4fc497161926a1ab8e448e46681f376c730797aaf45a536ab5fe7

  • SHA512

    96fe027d3b9ba42028c6f4b0b4282b40df153ef392eb017082a78e5126f9f3025822e35694897eb4e59e5c9151e346ac9635127c3573f8a2a6ff614da7c7d06b

  • SSDEEP

    3072:/VBFp9jACvm/zyBmiQa4iX8yGwrmqYyetJ8add9Qzhs6qmMP9XmZYDomyLQ0LOXT:/m3aFXsDqYyetJ8addQzqmkDomyLQ0Lw

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/53a69bf55a7d422711860e44cda13ac4
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:657

Network

        MITRE ATT&CK Enterprise v15
