Analysis

  • max time kernel: 74s
  • max time network: 78s
  • platform: debian-9_armhf
  • resource: debian9-armhf-20231215-en
  • resource tags: arch:armhf, image:debian9-armhf-20231215-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted: 19-02-2024 23:55

General

  • Target: arm7
  • Size: 142KB
  • MD5: 626d4c88da2554df16c0437cc58cb676
  • SHA1: ab09be5abc2449b76b520000315e222a8bb9b6e0
  • SHA256: a81e928abed3373a2ac1ef9286a6314f1c3a5506c82f6bd458904111a685bc51
  • SHA512: 28b17e78a7a586d38ff66583b5d5b6fccf1b517a3ff88d8dc9331a8e8726a57276d78dbecb3e03727931b8fddd2e0861aded3d3e39c81c8b5820c87d2383e1ac
  • SSDEEP: 3072:IW2gkGgvVEaswGrW9zhO/x5K9CpWZISAoxM/9L79o:IW2godEaswGrW91O/x1YZISAeM/9lo

Score
7/10

Malware Config

Signatures

  • Changes its process name (1 IoC)
  • Enumerates running processes
    Discovers information about currently running processes on the system.
  • Reads runtime system information (64 IoCs)
    Reads data from the /proc virtual filesystem.
  • Writes file to tmp directory (1 IoC)
    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/arm7 (PID 661, depth 1)
    Command: /tmp/arm7
    • Changes its process name
    • /bin/sh (PID 662, depth 2)
      Command: /bin/sh -c "rm -rf bin/busybox && mkdir bin; >bin/busybox && mv /tmp/arm7 bin/busybox; chmod 777 bin/busybox"
      • Writes file to tmp directory
      • /bin/rm (PID 663, depth 3)
        Command: rm -rf bin/busybox
      • /bin/mkdir (PID 665, depth 3)
        Command: mkdir bin
        • Reads runtime system information
      • /bin/mv (PID 670, depth 3)
        Command: mv /tmp/arm7 bin/busybox
        • Reads runtime system information
      • /bin/chmod (PID 672, depth 3)
        Command: chmod 777 bin/busybox

Network

MITRE ATT&CK Matrix


Downloads