Analysis

  • max time kernel
    145s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    29-02-2024 05:04

General

  • Target

    170c84eb2f52087fb5a78f77a9d175e2a5bfee13aa61f67ed5c008ea7afff05e.elf

  • Size

    92KB

  • MD5

    13f8206ac19addb6d0aeaf38ea087551

  • SHA1

    063439a6e3addbc7ceddb1bb9bf2f8659b2f7671

  • SHA256

    170c84eb2f52087fb5a78f77a9d175e2a5bfee13aa61f67ed5c008ea7afff05e

  • SHA512

    d0224ee2df20846549298543e22389106ddbdf7aaf2e8001799bc1f84deeabbe2ab9c746da54d30c545dcb3dfb14e01edf356030ec1e91141817440ac5a9856f

  • SSDEEP

    1536:v5bc11gPfEIDRQqcfY4ayIFF14Xx6OMhgP/tBmRIqQ4DP/X7XtnQ:OgnRQSyu4XogP/fmRIqQ4DPv7XtnQ

Score
6/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/170c84eb2f52087fb5a78f77a9d175e2a5bfee13aa61f67ed5c008ea7afff05e.elf
    /tmp/170c84eb2f52087fb5a78f77a9d175e2a5bfee13aa61f67ed5c008ea7afff05e.elf
    • Reads system routing table
    • Reads system network configuration
    PID:659

Network

MITRE ATT&CK Enterprise v15
