de556c3cc31d31052c218140a795dc98941786780bcbe6a0b3289e7e2bb1c593

Analysis

max time kernel
147s
max time network
157s
platform
debian-9_armhf
resource
debian9-armhf-20231215-en
resource tags

arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
30-12-2023 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1444210f3ae03532be726b521995bd35
Size

146KB
MD5

1444210f3ae03532be726b521995bd35
SHA1

004fed9a5ed8be6876ae68342cba6ad13881143f
SHA256

de556c3cc31d31052c218140a795dc98941786780bcbe6a0b3289e7e2bb1c593
SHA512

7c75608da5d80cc0e3fcf5337c830ecdd6d9d264df601fb7cc58a6bcefff4befa68fd28f3d62e1edca10668af352675cc39f959966fb81ac1b066e910df958da
SSDEEP

3072:je63VDWW6Tt6xHBanmkXBM7L8buxV53cAFCmLwfCDQSAW:y63VD96sxHBaLxM7L8axV5sA0mLwfCE2

Score

6^/10

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	1444210f3ae03532be726b521995bd35

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	1444210f3ae03532be726b521995bd35

/tmp/1444210f3ae03532be726b521995bd35
/tmp/1444210f3ae03532be726b521995bd35
1⤵
- Reads system routing table
- Reads system network configuration
PID:668

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads