Analysis

  • max time kernel
    152s
  • max time network
    151s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20231215-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    12/02/2024, 04:57

General

  • Target

    d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223.elf

  • Size

    125KB

  • MD5

    ae45c690a46eb1670d0b249f806bbff3

  • SHA1

    972f153e83e17d2457899cdfd36d9df13f23f247

  • SHA256

    d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223

  • SHA512

    84564b7af67cc30fac552bcb096445b6523facdd9062ff441e742e9c8b0dff8d7604902bdc40348705fb7c276b00278d66940ffc69470d675a65c5b51feebc13

  • SSDEEP

    3072:tDOIuhblIGmsfJUIifn1dRFGbbJM/9OtQTKP:tDOIWbaGmsfJU7fzjGb9M/9OtUG

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware such as Mirai disables the hardware watchdog (typically through an ioctl on /dev/watchdog) so that the device is not reset while the bot is running; a reset would clear the memory-resident infection.

  • Writes file to system bin folder 1 TTPs 2 IoCs
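The three signatures above that leave traces on the running host can be hunted for outside the sandbox. The following is an added example written for this report (not the sandbox's or the sample's own code): it walks a /proc-style tree and flags processes whose executable has been unlinked ("Deletes itself"), whose comm or argv[0] disagrees with the on-disk binary ("Changes its process name"), or that hold a watchdog device open ("Modifies Watchdog functionality"). Because Mirai-style bots open the watchdog, send one ioctl and close it, the open-fd check only catches the short window in between, so a decoder for the ioctl request number is included for triaging strace or auditd output. The demo /proc tree, the PID 665 layout and the renamed comm "xsrD9k" are constructed data; only the sample filename and PID come from the report.

```python
"""Host-side hunt for the sandbox-flagged behaviours (added example, not the
sandbox's or the sample's code). Works on the real /proc or on the constructed
demo tree from build_demo_proc()."""
import os
import tempfile
from dataclasses import dataclass, field

WATCHDOG_DEVICES = ("/dev/watchdog", "/dev/watchdog0", "/dev/misc/watchdog")
WATCHDOG_IOCTL_TYPE = ord("W")   # WATCHDOG_IOCTL_BASE in linux/watchdog.h
WDIOC_SETOPTIONS = 0x80045704    # _IOR('W', 4, int) as declared in the header
WDIOS_DISABLECARD = 0x0001       # option value that switches the watchdog off
TASK_COMM_LEN = 16               # comm holds at most 15 characters plus NUL
DELETED_SUFFIX = " (deleted)"
SAMPLE = "d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223.elf"


def decode_ioctl(request: int) -> dict:
    """Split a Linux ioctl request number into its _IOC(dir, type, nr, size) fields."""
    return {
        "nr": request & 0xFF,
        "type": (request >> 8) & 0xFF,
        "size": (request >> 16) & 0x3FFF,
        "dir": (request >> 30) & 0x3,   # 0 none, 1 write, 2 read
    }


def is_watchdog_ioctl(request: int) -> bool:
    """True for any request in the watchdog family (type byte 'W')."""
    return decode_ioctl(request)["type"] == WATCHDOG_IOCTL_TYPE


@dataclass
class Finding:
    pid: int
    reasons: list = field(default_factory=list)


def _read(path: str) -> str:
    try:
        with open(path) as f:
            return f.read()
    except OSError:
        return ""


def scan_proc(proc_root: str = "/proc") -> list:
    """Return a Finding for every PID under proc_root that shows one of the traces."""
    findings = []
    pids = sorted(e for e in os.listdir(proc_root) if e.isdigit())
    for entry in sorted(pids, key=int):
        pid_dir = os.path.join(proc_root, entry)
        try:
            exe = os.readlink(os.path.join(pid_dir, "exe"))
        except OSError:
            continue                      # kernel thread or no permission
        reasons = []
        # "Deletes itself": unlink() of the running binary keeps the mapping
        # alive but the exe link gains a " (deleted)" suffix.
        deleted = exe.endswith(DELETED_SUFFIX)
        if deleted:
            reasons.append(f"exe unlinked: {exe}")
        exe_base = os.path.basename(exe[: -len(DELETED_SUFFIX)] if deleted else exe)
        # "Changes its process name": prctl(PR_SET_NAME) changes comm and the
        # bot also overwrites argv[0]; either disagreeing with the binary is a hint.
        comm = _read(os.path.join(pid_dir, "comm")).strip()
        if comm and comm != exe_base[: TASK_COMM_LEN - 1]:
            reasons.append(f"comm {comm!r} != exe {exe_base!r}")
        argv0 = _read(os.path.join(pid_dir, "cmdline")).split("\0")[0]
        if argv0 and os.path.basename(argv0) != exe_base:
            reasons.append(f"argv[0] {argv0!r} != exe {exe_base!r}")
        # "Modifies Watchdog functionality": a watchdog device currently open.
        fd_dir = os.path.join(pid_dir, "fd")
        for fd in (os.listdir(fd_dir) if os.path.isdir(fd_dir) else []):
            try:
                target = os.readlink(os.path.join(fd_dir, fd))
            except OSError:
                continue
            if target in WATCHDOG_DEVICES:
                reasons.append(f"fd {fd} -> {target}")
        if reasons:
            findings.append(Finding(int(entry), reasons))
    return findings


def _fake_process(root, pid, exe, comm, argv0, fds):
    """Write one constructed /proc/<pid> entry with exe, comm, cmdline and fd links."""
    d = os.path.join(root, str(pid))
    os.makedirs(os.path.join(d, "fd"))
    os.symlink(exe, os.path.join(d, "exe"))
    with open(os.path.join(d, "comm"), "w") as f:
        f.write(comm + "\n")
    with open(os.path.join(d, "cmdline"), "w") as f:
        f.write(argv0 + "\0")
    for n, target in fds.items():
        os.symlink(target, os.path.join(d, "fd", str(n)))


def build_demo_proc(root: str) -> None:
    """Constructed demo tree: a benign daemon plus the report's PID 665 as it
    would look after the flagged behaviours (the comm "xsrD9k" is made up)."""
    _fake_process(root, 1, "/usr/sbin/cron", "cron", "/usr/sbin/cron", {0: "/dev/null"})
    _fake_process(root, 665, f"/tmp/{SAMPLE}{DELETED_SUFFIX}", "xsrD9k", "xsrD9k",
                  {3: "/dev/watchdog"})


def demo() -> list:
    root = tempfile.mkdtemp(prefix="proc-demo-")
    build_demo_proc(root)
    return scan_proc(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding.pid, *finding.reasons, sep="\n  ")
    print(hex(WDIOC_SETOPTIONS), decode_ioctl(WDIOC_SETOPTIONS))
```

The " (deleted)" exe link is the strongest of the three signals; comm and argv[0] mismatches are noisy on their own (interpreters and wrapper scripts produce them routinely) and should be treated as corroboration. The "Writes file to system bin folder" signature is not visible through /proc at all and is better checked with file-integrity monitoring or a syscall trace of openat/write under the bin directories.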

Processes

  • /tmp/d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223.elf
    /tmp/d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223.elf
    • Changes its process name
    • Deletes itself
    PID:665

Network

MITRE ATT&CK Enterprise v15
