Analysis
max time kernel: 0s
max time network: 1s
platform: debian-9_armhf
resource: debian9-armhf-20240226-en
resource tags: arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 02/04/2024, 01:28
Behavioral task: behavioral1
Sample: f0ee3752736d8d62f1731e60c26db491dfec0fffe85075b6757ddda257056bee.elf
Resource: debian9-armhf-20240226-en
2 signatures
150 seconds
General
Target: f0ee3752736d8d62f1731e60c26db491dfec0fffe85075b6757ddda257056bee.elf
Size: 125KB
MD5: e98dc784f23bd67840fd526934f1d37a
SHA1: 7dbc330cdd0c57741a3d0b59c7b1f6f11671e052
SHA256: f0ee3752736d8d62f1731e60c26db491dfec0fffe85075b6757ddda257056bee
SHA512: c0af3c040f69dcd92e58499aa18b3831487fcb219ad83b0925dcddbf3fefae5eb8d4ce97432c12da2b6c8142407773e5c5fc81fc9447f9a88072866298539040
SSDEEP: 3072:g1DVLql1Q/noJrllehTmvkt4lb5hLDMzruH0yQGblMh7ojwQQRh6RYAvZR:MTmvJlb5hLUruaojwQQRh6RYAvZR
Score: 7/10
Malware Config
Signatures

Changes its process name (1 IoCs)
description: Changes the process name, possibly in an attempt to hide itself
pid: 647
Process: f0ee3752736d8d62f1731e60c26db491dfec0fffe85075b6757ddda257056bee.elf

Writes DNS configuration (1 TTPs, 1 IoCs)
Writes data to DNS resolver config file.
description: File opened for modification
ioc: /etc/resolv.conf