f5a610f7a4026258c3535c97a3e2a0076ff9df81e164fe62edbae91d1efe9c86

Analysis

max time kernel
150s
max time network
152s
platform
debian-9_armhf
resource
debian9-armhf-20240226-en
resource tags

arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
27-03-2024 08:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bf998ac6bc2cd7c11c74f074221df5f6.elf
Size

134KB
MD5

bf998ac6bc2cd7c11c74f074221df5f6
SHA1

9cfe308b8eba1b06e7bcc2c756f1321ac7f6d021
SHA256

f5a610f7a4026258c3535c97a3e2a0076ff9df81e164fe62edbae91d1efe9c86
SHA512

d51883c4c3eaa8254418d2d365ae1ad37ffb084487cf50cf43b508dbdd92a45e3d7e3c33712c349e253d1fef7f2d1b5e895cc22e28314930994a2b4599f3263f
SSDEEP

1536:BIhcq8nZOrV3HlSdSf9XRoQF+Au4b4Vspf/TZVIfvb6IxkzQqBAlqnQwywzFHRlZ:BIhuWrvxF+u4QXlVIfvQMqy9OzvQg

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	653	bf998ac6bc2cd7c11c74f074221df5f6.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/780/cmdline
File opened for reading	/proc/784/cmdline
File opened for reading	/proc/2/cmdline
File opened for reading	/proc/449/cmdline
File opened for reading	/proc/682/cmdline
File opened for reading	/proc/689/cmdline
File opened for reading	/proc/28/cmdline
File opened for reading	/proc/647/cmdline
File opened for reading	/proc/656/cmdline
File opened for reading	/proc/262/cmdline
File opened for reading	/proc/709/cmdline
File opened for reading	/proc/726/cmdline
File opened for reading	/proc/747/cmdline
File opened for reading	/proc/16/cmdline
File opened for reading	/proc/42/cmdline
File opened for reading	/proc/139/cmdline
File opened for reading	/proc/167/cmdline
File opened for reading	/proc/749/cmdline
File opened for reading	/proc/752/cmdline
File opened for reading	/proc/764/cmdline
File opened for reading	/proc/768/cmdline
File opened for reading	/proc/786/cmdline
File opened for reading	/proc/20/cmdline
File opened for reading	/proc/649/cmdline
File opened for reading	/proc/667/cmdline
File opened for reading	/proc/697/cmdline
File opened for reading	/proc/769/cmdline
File opened for reading	/proc/652/cmdline
File opened for reading	/proc/673/cmdline
File opened for reading	/proc/677/cmdline
File opened for reading	/proc/695/cmdline
File opened for reading	/proc/303/cmdline
File opened for reading	/proc/703/cmdline
File opened for reading	/proc/722/cmdline
File opened for reading	/proc/751/cmdline
File opened for reading	/proc/26/cmdline
File opened for reading	/proc/701/cmdline
File opened for reading	/proc/713/cmdline
File opened for reading	/proc/760/cmdline
File opened for reading	/proc/23/cmdline
File opened for reading	/proc/41/cmdline
File opened for reading	/proc/661/cmdline
File opened for reading	/proc/775/cmdline
File opened for reading	/proc/727/cmdline
File opened for reading	/proc/731/cmdline
File opened for reading	/proc/777/cmdline
File opened for reading	/proc/202/cmdline
File opened for reading	/proc/260/cmdline
File opened for reading	/proc/670/cmdline
File opened for reading	/proc/684/cmdline
File opened for reading	/proc/75/cmdline
File opened for reading	/proc/675/cmdline
File opened for reading	/proc/702/cmdline
File opened for reading	/proc/720/cmdline
File opened for reading	/proc/721/cmdline
File opened for reading	/proc/755/cmdline
File opened for reading	/proc/771/cmdline
File opened for reading	/proc/696/cmdline
File opened for reading	/proc/767/cmdline
File opened for reading	/proc/22/cmdline
File opened for reading	/proc/650/cmdline
File opened for reading	/proc/655/cmdline
File opened for reading	/proc/666/cmdline
File opened for reading	/proc/772/cmdline

/tmp/bf998ac6bc2cd7c11c74f074221df5f6.elf
/tmp/bf998ac6bc2cd7c11c74f074221df5f6.elf
1⤵
- Changes its process name
PID:653

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads