98ab4d0dd6bad36e8fb0c12237c6c67b24ad6f8efb680fc0168b45c9fa54e120 | Triage

Analysis

max time kernel
130s
max time network
131s
platform
debian-9_armhf
resource
debian9-armhf-20240418-en
resource tags

arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
27/06/2024, 15:00

Sharing

Report Analysis Logs

General

Target

9d7ba699cca9da3d21928a8767b0e256.elf
Size

62KB
MD5

9d7ba699cca9da3d21928a8767b0e256
SHA1

9a029d9bd6d3dad9f16ebc715a371b4f24f0a7f1
SHA256

98ab4d0dd6bad36e8fb0c12237c6c67b24ad6f8efb680fc0168b45c9fa54e120
SHA512

5b88b580024fd084b4bf63dbbf74710d4673ef486689da77bbec629d113a0a425e4a4ac4ed67f9cf9bc5350aad756c2677ec6f10066aeee3ffddd06c7b6e2b16
SSDEEP

1536:qqt8KbXLWYl1UrtQow/TqyLtp7tYkYHum9WqI1q:MoLXlKxw/Oq7YQ1q

Score

4^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid
Changes the process name, possibly in an attempt to hide itself	sshd	647

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	9d7ba699cca9da3d21928a8767b0e256.elf

/tmp/9d7ba699cca9da3d21928a8767b0e256.elf
/tmp/9d7ba699cca9da3d21928a8767b0e256.elf
1⤵
- Reads runtime system information
PID:646

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads