Analysis
max time kernel: 140s
max time network: 150s
platform: debian-12_armhf
resource: debian12-armhf-20240418-en
resource tags: arch:armhf, image:debian12-armhf-20240418-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system
submitted: 19-10-2024 02:46
Behavioral task
behavioral1
Sample
fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea.elf
Resource
debian12-armhf-20240418-en
debian-12-armhf
2 signatures
150 seconds
General
Target: fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea.elf
Size: 205KB
MD5: f59dfdc07c6118a80bc17a5ee22f73e9
SHA1: 3cc0ba4ec22ec9bad32a17f3ebc2256c23a7439c
SHA256: fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea
SHA512: ad151777e7a50e48b60f18adfe46c187af55e83e9fe15deb115d76175e14fd7281f3715f8ca7d651e6ebe7af4c182147ecc1208794fb0057724071177f6f467c
SSDEEP: 6144:Fyoka9SMmxwi3IYvn5hPsu6PW4V7C6qm0wfB5RyAn:Fyoka9SMmxwzI5hPl63qm0mB5RyAn
Score
6/10
Malware Config
Signatures
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea.elf
description: File opened for reading
ioc: /proc/net/route
process: fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea.elf
description: File opened for reading
ioc: /proc/net/route
process: fb7fd2ad629ade161315ea04be9d47e94876316d6d1cdb430f40ef5da2683aea.elf