7851fc7352945dbe458565d576e5efc2a63574db5dd43bd2e801a370765d45e3

Analysis

max time kernel
150s
max time network
152s
platform
debian-9_armhf
resource
debian9-armhf-20231222-en
resource tags

arch:armhfimage:debian9-armhf-20231222-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
12/02/2024, 03:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7851fc7352945dbe458565d576e5efc2a63574db5dd43bd2e801a370765d45e3.elf
Size

126KB
MD5

fab1d9e7b1973278712ebb5f7297ca67
SHA1

f5b33b3dfe8422c5a52139045d99f10c3bba5622
SHA256

7851fc7352945dbe458565d576e5efc2a63574db5dd43bd2e801a370765d45e3
SHA512

05dc0d43e53cf94908f8bfdd66f906cfcbba583179cc01e0c30dc8a5e4b6f36a8d2626752f3b4061c57008aa7c685050dd9c4dc73556f06b416d78b63c20127a
SSDEEP

1536:uB25fCMgGyfFxAdZ54VPkOeITsxwZuusO4Es6/+/O1l1h5wywmO/BBBcsLpuTceT:uBk9oFxy4eYQxwZuucIk67v

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself		669	7851fc7352945dbe458565d576e5efc2a63574db5dd43bd2e801a370765d45e3.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/14/status
File opened for reading	/proc/43/status
File opened for reading	/proc/106/status
File opened for reading	/proc/780/status
File opened for reading	/proc/7/status
File opened for reading	/proc/11/status
File opened for reading	/proc/292/status
File opened for reading	/proc/671/status
File opened for reading	/proc/672/status
File opened for reading	/proc/768/status
File opened for reading	/proc/795/status
File opened for reading	/proc/12/status
File opened for reading	/proc/288/status
File opened for reading	/proc/28/status
File opened for reading	/proc/225/status
File opened for reading	/proc/323/status
File opened for reading	/proc/644/status
File opened for reading	/proc/9/status
File opened for reading	/proc/26/status
File opened for reading	/proc/777/status
File opened for reading	/proc/6/status
File opened for reading	/proc/109/status
File opened for reading	/proc/591/status
File opened for reading	/proc/784/status
File opened for reading	/proc/27/status
File opened for reading	/proc/234/status
File opened for reading	/proc/19/status
File opened for reading	/proc/135/status
File opened for reading	/proc/138/status
File opened for reading	/proc/142/status
File opened for reading	/proc/293/status
File opened for reading	/proc/328/status
File opened for reading	/proc/593/status
File opened for reading	/proc/15/status
File opened for reading	/proc/25/status
File opened for reading	/proc/771/status
File opened for reading	/proc/792/status
File opened for reading	/proc/16/status
File opened for reading	/proc/22/status
File opened for reading	/proc/670/status
File opened for reading	/proc/760/status
File opened for reading	/proc/770/status
File opened for reading	/proc/788/status
File opened for reading	/proc/5/status
File opened for reading	/proc/10/status
File opened for reading	/proc/594/status
File opened for reading	/proc/647/status
File opened for reading	/proc/775/status
File opened for reading	/proc/29/status
File opened for reading	/proc/41/status
File opened for reading	/proc/20/status
File opened for reading	/proc/76/status
File opened for reading	/proc/139/status
File opened for reading	/proc/290/status
File opened for reading	/proc/308/status
File opened for reading	/proc/13/status
File opened for reading	/proc/17/status
File opened for reading	/proc/147/status
File opened for reading	/proc/673/status
File opened for reading	/proc/674/status
File opened for reading	/proc/779/status
File opened for reading	/proc/785/status
File opened for reading	/proc/4/status
File opened for reading	/proc/23/status

/tmp/7851fc7352945dbe458565d576e5efc2a63574db5dd43bd2e801a370765d45e3.elf
/tmp/7851fc7352945dbe458565d576e5efc2a63574db5dd43bd2e801a370765d45e3.elf
1⤵
- Changes its process name
PID:669

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads