Analysis
-
max time kernel
109s -
max time network
129s -
platform
ubuntu-24.04_amd64 -
resource
ubuntu2404-amd64-20240523-en -
resource tags
-
submitted
10-11-2024 16:33
General
-
Target
tyo2831qq.x86.elf
-
Size
156KB
-
MD5
a8a6992775589faecef1bc8cf38bdfc5
-
SHA1
b6903301aecf34539654f309b8c12773461920dc
-
SHA256
cae053bfac71081a19bd64ae66f3fc9a149bcbe492eeb46d33647e01ab18eb52
-
SHA512
dd803894a1bb9caa2bb4d1da70d35a531a7f76718d23392ff7ee511f489f413f2c79e82a3d7432685a36f470b69c74d211d18d050bee1a5d261c75131ee58fb8
-
SSDEEP
3072:hoorS3/kjk3GWOwnzuXr+wMxphaMpFncunTieFIMK0UpW2mBT38dAY4:hqnrVxphaM2SFcRmBT38dAY4
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/tyo2831qq.x86.elf/tmp/tyo2831qq.x86.elf1⤵
- Reads system routing table
- Reads system network configuration