Overview

overview

6

Static

static

1

1edc98496c...4bdc12

debian-9-armhf

6

Analysis

  • max time kernel
    144s
  • max time network
    155s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19-12-2023 22:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1edc98496cd6818fc66de5675d4bdc12

  • Size

    89KB

  • MD5

    1edc98496cd6818fc66de5675d4bdc12

  • SHA1

    1f39361ac7750322e77a597623383e0c04ccf191

  • SHA256

    c242308385a4398367ca2f7d8043e0d6b99f0472a36049a2f15d8a1e1a51cec6

  • SHA512

    ab8b91c28653347e3b8d44d0b6052e4d22f9b450ac3113dc32dd38191997142eb32b42d4cc2dbdea2c3c3703587aceec9b1d6e5d801bd8190e3899af7a863229

  • SSDEEP

    1536:HzDBmIByJZIlhOPx5O8vQTsGYP+CvHUOStVNXLqZ1mkgmQAE+dAXDfj:H1BSZPjQkBHUO2WLmkgmQAEUAXDfj

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/1edc98496cd6818fc66de5675d4bdc12
    /tmp/1edc98496cd6818fc66de5675d4bdc12
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:667

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads