Resubmissions
07/08/2024, 07:53 | 240807-jq492avenn | 6
06/08/2024, 18:18 | 240806-wxw88awdmr | 6
06/08/2024, 16:06 | 240806-tkd6rsxdkd | 6
06/08/2024, 13:52 | 240806-q6esmsvcle | 6
06/08/2024, 13:14 | 240806-qgrqxazerk | 6
06/08/2024, 10:41 | 240806-mq4v2s1cpf | 6
06/08/2024, 10:34 | 240806-mmhhms1cjd | 6
Analysis
max time kernel: 1799s
max time network: 1800s
platform: debian-9_armhf
resource: debian9-armhf-20240611-en
resource tags: arch:armhf image:debian9-armhf-20240611-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
submitted: 06/08/2024, 10:41
Static task: static1
Behavioral task: behavioral1
Sample: bin.armv7l
Resource: debian9-armhf-20240611-en
2 signatures
1800 seconds
General
Target: bin.armv7l
Size: 138KB
MD5: a28f6fe2f8965696fc113a9011c5c51f
SHA1: 7722809b6af989e018c5eb153c5326f497969271
SHA256: e25badd92048d6726f404d3f28f686dc8ca86e4c3449e7a6276898d50a2bd237
SHA512: 3947cd852c2bbdf4bfb96aa7f7b6f7f5b9fc077f3fb8f2b6d8895aa56bd39b5c07ffc9866a295e8c69ce4fdafa765302de4ea566549c06cf69c553c0812a728b
SSDEEP: 3072:4cE750aW3TnqlKr4OD5I1MopypahVonrYcdbJG0hgrmb:4cEeaW3TnXdDe1MuypahVonrYcZzgrmb
Score: 6/10
Malware Config
Signatures
Enumerates running processes
Discovers information about currently running processes on the system.

Reads runtime system information (64 IoCs)
Reads data from /proc virtual filesystem.