Overview

overview

10

Static

static

10

6af90ab94f...4dfa97

debian-9-armhf

7

Analysis

  • max time kernel
    143s
  • max time network
    153s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19-12-2023 23:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6af90ab94f72c8160f9ed40b134dfa97

  • Size

    152KB

  • MD5

    6af90ab94f72c8160f9ed40b134dfa97

  • SHA1

    f18321354f21573dfd23a0dbfbd1d599458487e7

  • SHA256

    0e24797cee3f9b2417d3d3afbb25b733415196f5c801d4c1f91f7a95788fe086

  • SHA512

    c8a80bc269383227970379f65026160c9ec382a2cf3fba168408f490832237787df280eba4474fe36d849345defc68125396c668a97d3648f0d93a4f5438813f

  • SSDEEP

    3072:zbm17g6Cy++t/8tebW7ZQYK9aFUSJhYTNyvtqU60aPNMGmyOEQrCUEGT:HeW7ZzK9aFUS1tqOaPCGmyOEQrCUEGT

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/6af90ab94f72c8160f9ed40b134dfa97
    /tmp/6af90ab94f72c8160f9ed40b134dfa97
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:635

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads