Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19/04/2024, 12:02

General

  • Target

    20763f800034ce169e21e79d3cf9d11f61e86905ad8b0c516b354f9a3a2ac97f.elf

  • Size

    130KB

  • MD5

    cda551500e5101453d334f4daf3897c9

  • SHA1

    523150722816ab01596bfae79fe99bae7e393602

  • SHA256

    20763f800034ce169e21e79d3cf9d11f61e86905ad8b0c516b354f9a3a2ac97f

  • SHA512

    7a3a8660514a9ffab9e3a26549cb19a78cdbac80fb2fb48f03795204d877f2f9bbf65cfef325593854888323f2eb19a2ba002286f61c27acbcc82cbcded59740

  • SSDEEP

    3072:gHZ+Hko5xFOV48wlPRfYRXaPu0ccKOA9LT8iH4:gHZrSAV48MPRffU938iY

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/20763f800034ce169e21e79d3cf9d11f61e86905ad8b0c516b354f9a3a2ac97f.elf
    /tmp/20763f800034ce169e21e79d3cf9d11f61e86905ad8b0c516b354f9a3a2ac97f.elf
    1⤵
    • Changes its process name
    PID:640

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads