49e2385e5ef93c7b92e7efbb1b7748bf47e9475b674bae9d2b68f64f421faeb0 | Triage

Analysis

max time kernel
140s
max time network
150s
platform
debian-12_armhf
resource
debian12-armhf-20240418-en
resource tags

arch:armhfimage:debian12-armhf-20240418-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
submitted
10-11-2024 18:18

Sharing

Report Analysis Logs

General

Target

yakuza.arm6.elf
Size

127KB
MD5

a786b8606f37ce0072ae2940458f6dca
SHA1

3c652905c7db7ee009547950af43dc612b1e0805
SHA256

49e2385e5ef93c7b92e7efbb1b7748bf47e9475b674bae9d2b68f64f421faeb0
SHA512

e0bf99e1f0dfbb04bae03f71e63a2b43ad0af419ec8a8c982f6369117d3cb4526c36de8abbb0ffe6f40b99aabe2e1d9cef1cbcab2ff75c5750508c4bdfc8afa3
SSDEEP

3072:RmfdWmd6pUeQKbsPSoalymWA2PKjWmV45hAXqLm8umy/QsYJ0Yj/:Yaoalymym25hAXq4my/QsYJ0Yj/

Score

4^/10

Malware Config

Signatures

Changes its process name 1 IoCs

Processes:

yakuza.arm6.elf

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	705	yakuza.arm6.elf

/tmp/yakuza.arm6.elf
/tmp/yakuza.arm6.elf
1⤵
- Changes its process name
PID:705

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads