Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    02/04/2024, 06:31

General

  • Target

    ef45b903623d079a75ad23b4f6a1b358.elf

  • Size

    204KB

  • MD5

    ef45b903623d079a75ad23b4f6a1b358

  • SHA1

    cadfa2275785e195c968dbc22e35c04776e3f6ca

  • SHA256

    8aeb55f033a3059d0600c727de5564ee02dd5d2794e6f949a4e609c782266e81

  • SHA512

    144d2ac636a1f79a66b7f70864ac04a0074afb9aa4620bf87eb0152ac3be12289a7273036c14b931edef3fd2a09fbb259de9aa20832648ff132f71e846e4abe3

  • SSDEEP

    6144:FZzyacCwXJ4DbpW0v95hbL6+uM/9Ocgym0wfB5RyAn:FZzyacCwXJ4ga5hbvf/dgym0mB5RyAn

Score
6/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/ef45b903623d079a75ad23b4f6a1b358.elf
    /tmp/ef45b903623d079a75ad23b4f6a1b358.elf
    • Reads system routing table
    • Reads system network configuration
    PID:665

Network

        MITRE ATT&CK Enterprise v15
