706a5a333d6cc0e9816ee852949dc673cdb0d712ce1b99006c8139ec41e3dec0 | Triage

Sharing

General

Target

na.elf
Size

58KB
Sample

241010-hnnc3azfrb
MD5

4048eaa3159815ffcc6c30341fcb42f3
SHA1

c78f0f9bc97b745aa622fc748869e3d22955ad40
SHA256

706a5a333d6cc0e9816ee852949dc673cdb0d712ce1b99006c8139ec41e3dec0
SHA512

ea2a798cd6778dfa0ecab86b1a6ba4b6d77ccdfe08af6365d5c4028f86ed54df01c72f836cd5b56cab0b3b101dd1fc68a520e7aedb33c9d22ceb34ea98fbc5b5
SSDEEP

1536:U+nlNeK4rkkgtAEqLb/MEEGYMNQFgqcMODfiLzWvmc:virkkgtE/0kSzWvmc

Score

7^/10

credential_access discovery

Malware Config

Targets

- Target
  
  na.elf
- Size
  
  58KB
- MD5
  
  4048eaa3159815ffcc6c30341fcb42f3
- SHA1
  
  c78f0f9bc97b745aa622fc748869e3d22955ad40
- SHA256
  
  706a5a333d6cc0e9816ee852949dc673cdb0d712ce1b99006c8139ec41e3dec0
- SHA512
  
  ea2a798cd6778dfa0ecab86b1a6ba4b6d77ccdfe08af6365d5c4028f86ed54df01c72f836cd5b56cab0b3b101dd1fc68a520e7aedb33c9d22ceb34ea98fbc5b5
- SSDEEP
  
  1536:U+nlNeK4rkkgtAEqLb/MEEGYMNQFgqcMODfiLzWvmc:virkkgtE/0kSzWvmc
Score

7^/10

credential_access discovery
- Renames itself
- Reads process memory
  Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
  credential_access
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

OS Credential Dumping

Proc Filesystem

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscovery