General

  • Target

    3b89545a62715dfdbb0d0c3962f2434a30c62d59a7cd25ff072b06d3757ab217.elf

  • Size

    71KB

  • Sample

    241003-bpl33axbjm

  • MD5

    87ae422aa97d2bc195a010751f04073a

  • SHA1

    608628e1703d569f032e79e1b9dd4ac68f070c12

  • SHA256

    3b89545a62715dfdbb0d0c3962f2434a30c62d59a7cd25ff072b06d3757ab217

  • SHA512

    06caa33401a35204f83141c16eddbfd7dd4f0aea3e7af07117aa16ca913fe25282d2489101a1707bb359540c507216cab3d2eb55d2d5b3410b8658ebdcba3e95

  • SSDEEP

    1536:aVjijNZBuCE/F/5pj8WpyiwKRidB9QHuQ1veu3m/f:aVcA5vyiwKRidB9Qc33

Score
9/10

Targets

    • Contacts a large (82257) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates running processes

      Discovers information about currently running processes on the system
