General

  • Target

    arm4.elf

  • Size

    63KB

  • Sample

    240608-qaxnksbh3z

  • MD5

    c0294f7f6da4f65b3f88b601abfcbe8b

  • SHA1

    86749bac75e1d5f5c7fa91bc9a06b8694f3f99c9

  • SHA256

    6b8065c3761f5f53eb5650d4fb77bde7e5a97ee43e8894fcf1794a76ccd186d5

  • SHA512

    600801675252683ab43d8e424c7166c53000f18a65a8c9b39d74292c7501b7b80d081d1876495e3024e25c2b50c0ffea39831afbcee24cb9d535ec31b7d7094f

  • SSDEEP

    1536:J9ipltH66ZB9LGDoOkR5nefu++9tA4q87DCLO6j+tqyEhtW:LiPtHdZB9Lim5nIEQE69j+tNUtW

Score
9/10

Targets

    • Target

      arm4.elf

    • Contacts a large number (292933) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.
