8eaec3bb48f27902eeb97156f00c6b8aa59e13c94548fcd0a4f0c9d2cd836276

Analysis

max time kernel
149s
max time network
153s
platform
debian-9_armhf
resource
debian9-armhf-20240221-en
resource tags

arch:armhfimage:debian9-armhf-20240221-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
22/02/2024, 11:18

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6abb116d2d18a5faa56e04c07183f270.elf
Size

146KB
MD5

6abb116d2d18a5faa56e04c07183f270
SHA1

d380d33485548e3816dea2346a51c9e8f0e430ef
SHA256

8eaec3bb48f27902eeb97156f00c6b8aa59e13c94548fcd0a4f0c9d2cd836276
SHA512

38e92328a5ee703997fe47be1d1a5d1c4c41f2e064cf83b92e1eb99424a10540b8e5720ed8c5004dc37943d52dc30addc1529c31f516d23bf8f168a5b76ae140
SSDEEP

3072:fuNaNpF4uVN++dkhnxbQennF4M/9OD4bNWkE1kmpwfvRQfZn:mNaNpF4+NChnZQennCM/9ekmpwfvafZn

Score

6^/10

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	6abb116d2d18a5faa56e04c07183f270.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	6abb116d2d18a5faa56e04c07183f270.elf

/tmp/6abb116d2d18a5faa56e04c07183f270.elf
/tmp/6abb116d2d18a5faa56e04c07183f270.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:643

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads