a5200b309931b3da044abdda3d72228ce1080257e1cbd503fce0a426a4f9c0dc

Analysis

max time kernel
146s
platform
debian-9_armhf
resource
debian9-armhf-20231222-en
resource tags

arch:armhfimage:debian9-armhf-20231222-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
09/01/2024, 12:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4e40e8c8b309ae1297e6eab3bf71b944
Size

37KB
MD5

4e40e8c8b309ae1297e6eab3bf71b944
SHA1

569a9ac6a2f51bc80a8c85358ba64353e7aeca42
SHA256

a5200b309931b3da044abdda3d72228ce1080257e1cbd503fce0a426a4f9c0dc
SHA512

e19d54f8762c528ec0436b49656bed491f8b39de3ad1f9844e2008498b6de31befa2dea42b75ec405342f4841ae082f6066c84de3f1e734d0d89db3b5825c113
SSDEEP

768:vlm6huW6nML31gOP+fJJy9uL5WCaqbI8pL6ETMX2EpoOmuM:TuWSGaOP+fXy9uNFEG6dX2E2

Score

6^/10

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	4e40e8c8b309ae1297e6eab3bf71b944

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	4e40e8c8b309ae1297e6eab3bf71b944

/tmp/4e40e8c8b309ae1297e6eab3bf71b944
/tmp/4e40e8c8b309ae1297e6eab3bf71b944
1⤵
- Reads system routing table
- Reads system network configuration
PID:699

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads