Analysis

  • max time kernel
    147s
  • max time network
    149s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231221-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20231221-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    14/02/2024, 05:22

General

  • Target

    4613e255d1c265e49eb4e74b45acf40aa95539a3daed7558cf3f9985c5d612f3.elf

  • Size

    88KB

  • MD5

    2206f1458805f4b2b0c292882e8c065c

  • SHA1

    1b6fa1ceb275f88dd1a0c7a05f4338cfb8b25d65

  • SHA256

    4613e255d1c265e49eb4e74b45acf40aa95539a3daed7558cf3f9985c5d612f3

  • SHA512

    eef1de893e68fdac20efee0f7bad9945d23253836936a570a6cb02b219fd2df6e33a0d0e44fba41b699fabe2d2947012ebb397dfceeffd44025c95c2c588e399

  • SSDEEP

    1536:V2oW8tdPmoRgUUVYOfZ2vnGROBqq70RituK2G6U2EmZdqQ4KkJZE2hj:o2PZU72OR1q70RgufG6UVmZdqQ4KoZE4

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/4613e255d1c265e49eb4e74b45acf40aa95539a3daed7558cf3f9985c5d612f3.elf
    • Reads system routing table
    • Reads system network configuration
    PID:664

Network

        MITRE ATT&CK Enterprise v15
