Analysis

  • max time kernel
    150s
  • max time network
    187s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf image:debian12-armhf-20240221-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    02/09/2024, 04:33

General

  • Target

    hidakibest.arm5.elf

  • Size

    150KB

  • MD5

    65160e5914176a8c073c8808c0f37267

  • SHA1

    52922ebec813c79a6debb17bd9aff2f300006ee3

  • SHA256

    2f77809b11228f73d044c6eac5292759b659b00e89a9e76b1a8cd3f0d74d53d6

  • SHA512

    a0dad8aabe1db3838f24a034812e17e96ec424d4edc72044ee2aeb22f933589ca8a35f6cc805fbc8c2eea7cc516322a77f83cc4437e1c58fd7de78f13dfa1589

  • SSDEEP

    3072:Tdbmn8aAEHqgSkano1DTA95hWTGU2WV7lxXmpwTsL/QMyn:he8aAEHKkdDTI5hWTGU2WV7ldmpwTsLS

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/hidakibest.arm5.elf
    /tmp/hidakibest.arm5.elf
    • Reads system routing table
    • Reads system network configuration
    PID:708

Network

        MITRE ATT&CK Enterprise v15
