Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags
    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    08/03/2024, 18:09

General

  • Target

    93099cf06f2e2114035086c7d81505d0.elf

  • Size

    49KB

  • MD5

    93099cf06f2e2114035086c7d81505d0

  • SHA1

    0c2cc97a3d1b2652f4340420610fe77a3ee60b07

  • SHA256

    f33e9499569e23170a6e789565da07254dc81f7593cdf24e034095bfadea5321

  • SHA512

    c2cf3086d713295ff3ee369fc90fb8c2c738fccb5f673db7f1bb4e51980f4f54d98e326cdbff2e0991c9a903a6c811160174c3e8f99808b9f9d248ca14e77372

  • SSDEEP

    768:ubdQnz3FpspG0sOODEQEE4k3ZT57Dt/DNz3pK61NGc1TZ/ZBjbmdJgw:+QnpIGfNyc3ZT575V3k6zBFTgj

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Deletes itself 1 IoCs
  • Renames itself 1 IoCs
  • Enumerates active TCP sockets 1 TTPs 1 IoCs

    Gets active TCP sockets from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/93099cf06f2e2114035086c7d81505d0.elf
    /tmp/93099cf06f2e2114035086c7d81505d0.elf
    1⤵
    • Changes its process name
    • Deletes itself
    • Renames itself
    PID:644

Network

MITRE ATT&CK Enterprise v15

Downloads