Analysis

  • max time kernel
    147s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231222-en
  • resource tags

    arch:armhf, image:debian9-armhf-20231222-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    25/12/2023, 00:56

General

  • Target

    1e94d455c0af39c293fb6c040cfbebc7

  • Size

    268KB

  • MD5

    1e94d455c0af39c293fb6c040cfbebc7

  • SHA1

    5f9f1aca0bedf36da4076414f000845b4c79d937

  • SHA256

    a67eb100089c3b431e54e366c5692434f68129dbb85be710b87c067f0ac25552

  • SHA512

    80d4cb9074321b8b9b64305de8c97c1cf84c8be35389b20e1f23e52d05113a9197d28a6842405f4e664fc38203b3748e715678f766e2821d34abe6bdb9d80d6b

  • SSDEEP

    6144:MB3/06P3YlpfhWhWPPmfkf77Lv0YF1gyW78bt:MB8++vfbgit

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/1e94d455c0af39c293fb6c040cfbebc7
    /tmp/1e94d455c0af39c293fb6c040cfbebc7
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:683

Network

MITRE ATT&CK Enterprise v15
