Overview

overview

10

Static

static

10

4e63f30267...20.elf

debian-9-armhf

6

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240729-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240729-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    18-11-2024 19:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4e63f30267c05f659b9f1bf4ce62b4fff371af1a57e8b7154fbd8340d37cb420.elf

  • Size

    194KB

  • MD5

    631c3af95160cc7e976e07da141d24c8

  • SHA1

    95bfa1ffbee97b72d9fe0bb587b9c0efa30c3b71

  • SHA256

    4e63f30267c05f659b9f1bf4ce62b4fff371af1a57e8b7154fbd8340d37cb420

  • SHA512

    b8697c81f49979418fd7c5939028c28167b7697f3cc72766184feacad02dc46ce3a7b988944aabb12e48a4397293265b928531c86fa04a82a7f6b28e5a22c4e8

  • SSDEEP

    6144:aor4gNe4uaLC3deLSAzN5hQb7yzM/9N03gmCwMvfVT4n:aor7ZuaLC3de1x5hQCQ/tmC5vfVT4n

Score
6/10
discovery

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/4e63f30267c05f659b9f1bf4ce62b4fff371af1a57e8b7154fbd8340d37cb420.elf
    /tmp/4e63f30267c05f659b9f1bf4ce62b4fff371af1a57e8b7154fbd8340d37cb420.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:658

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads