Overview

overview

10

Static

static

3

builder.exe

windows7-x64

1

builder.exe

windows10-2004-x64

1

d_esxi.out

ubuntu-18.04-amd64

1

d_nas_arm.out

debian-9-armhf

3

d_nas_x86.out

ubuntu-18.04-amd64

3

d_win.exe

windows7-x64

6

d_win.exe

windows10-2004-x64

7

e_esxi.out

ubuntu-18.04-amd64

1

e_nas_arm.out

debian-9-armhf

3

e_nas_x86.out

ubuntu-18.04-amd64

3

e_win.exe

windows7-x64

10

e_win.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    4s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    25-03-2024 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e_nas_arm.out

  • Size

    2.1MB

  • MD5

    28249fc247a858d9727c860e4a484392

  • SHA1

    37b2ee4c3f6b9976e2335421a05e4b480c09ff9d

  • SHA256

    e8cee8eab4020e1aadd4631ed626ab54d8733f8b14d683ca943cd4e124eeef55

  • SHA512

    af4109064b524761fc3b0b5b27ab634e9eda7c8897fe5fb5b2d39dd1b620a402eb97ce5e76d99f9a959c2c6a162a2037c398c2181d2f66d029b46d73ec7f43e4

  • SSDEEP

    49152:RJZuecSwpeH2LTBnW01NEXTY4TumnwM7UB3:nZueanLjSumnJ70

Score
3/10

Malware Config

Signatures

  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

Processes

  • /tmp/e_nas_arm.out
    /tmp/e_nas_arm.out
    1⤵
    • Enumerates kernel/hardware configuration
    PID:671

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads