Analysis

  • max time kernel
    147s
  • max time network
    166s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240611-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    03-07-2024 01:14

General

  • Target

    3923b55e8084b820b8aa863565e853fd60b9f68e2724b214b12ac1d9aca7e53e.elf

  • Size

    167KB

  • MD5

    0ef0232ed0c666d1d4ff61103418d701

  • SHA1

    586861f76a514d0c39568369538b8abcd56f44b0

  • SHA256

    3923b55e8084b820b8aa863565e853fd60b9f68e2724b214b12ac1d9aca7e53e

  • SHA512

    8a4a0d58162be9e6931fb9465aa76ec16a792911d69fdf14159c92bd201c8455c559315294f4f3ec80a17621164f7c682cb8cc14f51bc862863db0cb0da27c17

  • SSDEEP

    3072:Bdy8WoZkeDGOvvlIAFZ3U5c0xkuQn3k5h1X7cKUmSQnNbGUBn:bZv9KBxkuQ3k5h1X7xUmSQnNbGUBn

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/3923b55e8084b820b8aa863565e853fd60b9f68e2724b214b12ac1d9aca7e53e.elf
    /tmp/3923b55e8084b820b8aa863565e853fd60b9f68e2724b214b12ac1d9aca7e53e.elf
    • Reads system routing table
    • Reads system network configuration
    PID:651

Network

MITRE ATT&CK Enterprise v15
