Analysis

  • max time kernel
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    19-11-2024 18:04

General

  • Target

    c2-3.4.0_armv5_linux

  • Size

    11.8MB

  • MD5

    810ea79dd2cefbc8d0e62661c882c19d

  • SHA1

    05230ef027d98e35a1781a6490d4bb111c5bbcad

  • SHA256

    7d1d37cb68ec4db1391f165074fed471b6a67f1948abeb26751796fad8746640

  • SHA512

    8d6243a7352ee0ac951b1c7acea4f3a89724bac969655db27f22f35a89810edc4c1cca128eca4f90ff89d7b18953b95cb31f3b589789ed78999d6309c46c79ae

  • SSDEEP

    49152:elww7Dkv0AoOz6kC4cLgVSw05BHGnRCO8/a0E09OZqBDfzJDReMHKXf89jnGcs4U:8ww7FOzpC4QgVSwMGRL8/DIH0Ul0E

Score
7/10

Malware Config

Signatures

  • Renames itself 2 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 2 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

Processes

  • /tmp/c2-3.4.0_armv5_linux
    /tmp/c2-3.4.0_armv5_linux
    • Renames itself
    • Enumerates kernel/hardware configuration
    PID:749
    • /tmp/c2-3.4.0_armv5_linux
      /tmp/c2-3.4.0_armv5_linux
      • Enumerates kernel/hardware configuration
      PID:757

Network

MITRE ATT&CK Enterprise v15
