80998bdde32aa463c659d47ebb9ecc882767e4cd6a3109c03358162b2e46410e

Analysis

max time kernel
152s
max time network
156s
platform
debian-9_mips
resource
debian9-mipsbe-20231215-en
resource tags

arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
19/12/2023, 22:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3276ae47d7d2782faa56c1e5e78abab7
Size

126KB
MD5

3276ae47d7d2782faa56c1e5e78abab7
SHA1

649be4905e0bd81c00fcfec84116959e446ca24b
SHA256

80998bdde32aa463c659d47ebb9ecc882767e4cd6a3109c03358162b2e46410e
SHA512

d95b300c4f64b1f62b96d91ed0ba1572a1664731f35878246f6b0c1a3a2f8efd8662b5619e1bdfef9d5c8924de37f2d8bcc5de7856a479fafb88b50415866156
SSDEEP

1536:w1tkbqzlj1ufwNvomD9tAHreV+2rKQHGwG3ekW73gguzwV8alw8HmUtnjF0Cd9NU:5ADTHHGwxQguzweal5HmUljF0Cd9N3E

Score

6^/10

antivm

Malware Config

Signatures

Checks CPU configuration 1 TTPs 1 IoCs

Checks CPU information which indicate if the system is a virtual machine.

antivm

Virtualization/Sandbox Evasion

T1497

description	ioc
File opened for reading	/proc/cpuinfo

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	3276ae47d7d2782faa56c1e5e78abab7

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	3276ae47d7d2782faa56c1e5e78abab7

/tmp/3276ae47d7d2782faa56c1e5e78abab7
/tmp/3276ae47d7d2782faa56c1e5e78abab7
1⤵
- Reads system routing table
- Reads system network configuration
PID:706

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

System Network Configuration Discovery

T1016

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads