Analysis

  • max time kernel
    152s
  • max time network
    157s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhf, image:debian9-armhf-20231215-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    19/12/2023, 22:28

General

  • Target

    0b9ce873a4bf5aaa97d42f0e149df599

  • Size

    132KB

  • MD5

    0b9ce873a4bf5aaa97d42f0e149df599

  • SHA1

    b06103d4519373c0ea07926d5756949ee5d84282

  • SHA256

    298dfab193d7b0de97f63d7de139b198c73b572a3c3385dfdc7ed1638145d487

  • SHA512

    7dd459ac6f84e4ac5c21d8beb051d8ad3c3134cc2fbf19048b2104864e24907f517be2c47c4b76508450acd4e06b14b9cc775fd65da0b88d116e176c63d33872

  • SSDEEP

    3072:Kf/Qn5pOO6KpMBr+p9nl1GNbPJ9A62Qv9ybcQ17YfDQNLBmQWOO:ggG5zcQv/Q17YfDQNLBmQWOO

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/0b9ce873a4bf5aaa97d42f0e149df599
    /tmp/0b9ce873a4bf5aaa97d42f0e149df599
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:678

Network

        MITRE ATT&CK Enterprise v15
