Analysis
max time kernel: 150s
max time network: 151s
platform: debian-9_armhf
resource: debian9-armhf-20240611-en
resource tags: arch:armhf, image:debian9-armhf-20240611-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 21/07/2024, 12:04
Static task: static1
Behavioral task: behavioral1
Sample: 6f659234d4abcb416507130eb37b4745.elf
Resource: debian9-armhf-20240611-en
2 signatures
150 seconds
General
Target: 6f659234d4abcb416507130eb37b4745.elf
Size: 123KB
MD5: 6f659234d4abcb416507130eb37b4745
SHA1: 9da320f8f2659dca8f1ac63462be39473372b1b9
SHA256: edd1938381d3149b1c7c8c81da16ab4615861c6d07742d861be36669c4896dd9
SHA512: 6e709d422088495c1c4568f2667a1f43a7e609dcb4d10c7cc12c5a2ad77c46ee4a735f3225ccdfdcd4187af85131b2f9e843efff79ca31d95c431e84152dae05
SSDEEP: 3072:Bff3L/WEZDKTR5aBd4aatFCu5zz0yohJa3qRRa:dvLpmTRUj4aatFCu5zzplana
Score: 6/10
Malware Config
Signatures
Enumerates running processes: Discovers information about currently running processes on the system
Reads runtime system information (64 IoCs): Reads data from /proc virtual filesystem.