a4bd519fe1220ed758336a19e1a1ff922d727d3db3eea8c66ab412cf259d5cd5

Analysis

max time kernel
149s
max time network
153s
platform
debian-9_armhf
resource
debian9-armhf-20240418-en
resource tags

arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
07/07/2024, 16:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1f929431fbac001c8df984490aaf2e55.elf
Size

150KB
MD5

1f929431fbac001c8df984490aaf2e55
SHA1

44f9b13e68c1d9c574eb9ec0c7edac25f0b7ea1a
SHA256

a4bd519fe1220ed758336a19e1a1ff922d727d3db3eea8c66ab412cf259d5cd5
SHA512

4972f737388f463338a9470bb320b29fd580f0b24902081f7e9e09d7810ecfe39e90b002b56a7d83f57a8031da030a84fd42a1615df482868d5ed2ee01d1dd30
SSDEEP

3072:Tdbmn8aAEHqgSkano1DTAe5hWTGZWYxVlxXmpwTsL/QMyn:he8aAEHKkdDTv5hWTGZWYxVldmpwTsLS

Score

6^/10

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	1f929431fbac001c8df984490aaf2e55.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	1f929431fbac001c8df984490aaf2e55.elf

/tmp/1f929431fbac001c8df984490aaf2e55.elf
/tmp/1f929431fbac001c8df984490aaf2e55.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:639

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads