Analysis

  • max time kernel
    145s
  • max time network
    151s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhf, image:debian9-armhf-20231215-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    19-12-2023 23:01

General

  • Target

    3d2429b7ad2ac2f6fe164ee62f2838ec

  • Size

    154KB

  • MD5

    3d2429b7ad2ac2f6fe164ee62f2838ec

  • SHA1

    f4f5fdc0a6e2f53db6106a95a3e9c88b847077bd

  • SHA256

    dc4e2edda3f53890eba513e466a5859f8f3b0552b3fe8414de3ca5c1ceef4cf1

  • SHA512

    a6b8d2d657bbe272f2f6e36c46336d1817e8192d53492d28853b7279755bc255f17192333f9f46e054ea1b53884aedf167b4521f14db2946b61482766d2fe8cb

  • SSDEEP

    3072:Od/dRL2nl8ycWpWFAraV3bevzlVMwLU6PgFH3ZpM/96ud:Od1RL2l8yuCraV3bevzPc6oFH3nM/96E

Score
9/10

Signatures

  • Contacts a large (2558) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Write file to user bin folder 1 TTPs 2 IoCs
  • Writes file to system bin folder 1 TTPs 3 IoCs
  • Reads runtime system information 20 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/3d2429b7ad2ac2f6fe164ee62f2838ec
      PID:655
