9ea845aa28dba907ee2abc3a3dc2c50bfbc593bfaa4b1a4e40dba83c3468b45b | Triage

Submit
Reports

Overview

overview

9

Static

static

1

arm7.elf

debian-12-armhf

9

Sharing

General

Target

arm7.elf
Size

115KB
Sample

240807-hlyq1stfkj
MD5

c3c1c6803141e720ba63cd168cc5712c
SHA1

40986073cff0b4ee1b7ef4ccfb3620b53bc7f174
SHA256

9ea845aa28dba907ee2abc3a3dc2c50bfbc593bfaa4b1a4e40dba83c3468b45b
SHA512

2a48a05ae346ea6a6efd56c9d07501f60a304f2be6a42a9f86c0279d0a38c1777c56aa2f2aa76736469a1c9d9b7e6c431e4a0b05002dbfc304f4443dfcbfaea9
SSDEEP

3072:hzoMfD4gqnu9hO5gGJkkYavCMM/9WAqdz:loMfDdyu9hO57Jgav9M/9WAqdz

Score

9^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

arm7.elf

Resource

debian12-armhf-20240418-en

debian-12-armhf

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  arm7.elf
- Size
  
  115KB
- MD5
  
  c3c1c6803141e720ba63cd168cc5712c
- SHA1
  
  40986073cff0b4ee1b7ef4ccfb3620b53bc7f174
- SHA256
  
  9ea845aa28dba907ee2abc3a3dc2c50bfbc593bfaa4b1a4e40dba83c3468b45b
- SHA512
  
  2a48a05ae346ea6a6efd56c9d07501f60a304f2be6a42a9f86c0279d0a38c1777c56aa2f2aa76736469a1c9d9b7e6c431e4a0b05002dbfc304f4443dfcbfaea9
- SSDEEP
  
  3072:hzoMfD4gqnu9hO5gGJkkYavCMM/9WAqdz:loMfDdyu9hO57Jgav9M/9WAqdz
Score

9^/10

discovery
- Contacts a large (24008) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy