General
-
Target
nsharm5.elf
-
Size
73KB
-
Sample
241026-vdd3vswelh
-
MD5
ec377a1b6a816a87c4874e7b04e53ab4
-
SHA1
e8e06aaacde689c4a8703aa7ff62d7442d541aca
-
SHA256
f8c9ae564656a7a30d4dcb95719e593e081a82a472a220e95c99096f35398795
-
SHA512
1072be20d27f5346195d5608b835b87b52c86a7e121a64dde1065a24afba8486673401f74a435e0d872ef54785a3c566e7a8419b9504a5380afb97c1ac3fadc6
-
SSDEEP
1536:/pBn6Hm2LCVs9M0mpmm29NPwwxO8hv2P:/pB6DL997Umm21x/+
Static task
static1
Behavioral task
behavioral1
Sample
nsharm5.elf
Resource
debian9-armhf-20240611-en
Malware Config
Targets
-
-
Target
nsharm5.elf
-
Size
73KB
-
MD5
ec377a1b6a816a87c4874e7b04e53ab4
-
SHA1
e8e06aaacde689c4a8703aa7ff62d7442d541aca
-
SHA256
f8c9ae564656a7a30d4dcb95719e593e081a82a472a220e95c99096f35398795
-
SHA512
1072be20d27f5346195d5608b835b87b52c86a7e121a64dde1065a24afba8486673401f74a435e0d872ef54785a3c566e7a8419b9504a5380afb97c1ac3fadc6
-
SSDEEP
1536:/pBn6Hm2LCVs9M0mpmm29NPwwxO8hv2P:/pB6DL997Umm21x/+
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-