Analysis

  • max time kernel
    1s
  • max time network
    226s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf image:debian12-armhf-20240221-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    19-11-2024 18:04

General

  • Target

    c2-3.4.0_armv7_linux

  • Size

    11.8MB

  • MD5

    4e89b079f51a1ea3b3f780ee9a6b399f

  • SHA1

    3af9b741b1cc645af1b49effe59f16d31b6e1cc5

  • SHA256

    d43660674a9329c64d5a7821c5bd2cdffdb572d95119a6dfee6684bb221bbfb1

  • SHA512

    da67590a7b7ddb18c308ce356d66037ff5f3cbe336af3ddd2cd657c9dc0db6e5df7d9d293879be17aaf3195d984b6b7049149024b309655ded1e05a8171f6f7f

  • SSDEEP

    98304:lxr7tCekIoqqLA5TEtQfld87F9VXlrZD:lxrBXl5TEAyJ9ZlrZD

Score
7/10

Malware Config

Signatures

  • Renames itself 2 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 2 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

Processes

  • /tmp/c2-3.4.0_armv7_linux
    /tmp/c2-3.4.0_armv7_linux
    1⤵
    • Renames itself
    • Enumerates kernel/hardware configuration
    PID:856
    • /tmp/c2-3.4.0_armv7_linux
      /tmp/c2-3.4.0_armv7_linux
      2⤵
      • Enumerates kernel/hardware configuration
      PID:864

Network

MITRE ATT&CK Enterprise v15
