1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e

Analysis

max time kernel
150s
max time network
158s
platform
debian-12_armhf
resource
debian12-armhf-20240221-en
resource tags

arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
submitted
20-11-2024 02:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
Size

180KB
MD5

2d944d27cdf592a1b9bd0fda481cf2fe
SHA1

4bdfb81c3308763f3141734a87688b2990dcc58a
SHA256

1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e
SHA512

00649d161a54e1d441809970c9c8a6dddf33ac8db7709cdfca996d5b4e0ae26d7d67e259af118f0ac98701f393193d86135bacdc175bb8ed6acbfbcb66c3a0e2
SSDEEP

3072:xESFFNFSClK1Tvk3ahn4qfdQGGgQzWo6li/YpEoGM/RxMQkunSh:SSHNNlKBM3ahn4qFQ/Kowi/yJGM/RxMf

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	713	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/748/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/35/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/329/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/732/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/757/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/761/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/14/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/720/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/27/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/30/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/33/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/252/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/766/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/74/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/733/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/743/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/22/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/57/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/729/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/734/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/739/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/749/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/24/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/25/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/342/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/715/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/731/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/11/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/735/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/760/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/756/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/21/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/31/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/32/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/58/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/750/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/2/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/47/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/319/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/724/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/3/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/718/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/746/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/23/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/691/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/711/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/716/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/737/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/34/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/144/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/445/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/705/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/5/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/143/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/726/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/738/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/741/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/763/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/1/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/7/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/8/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/28/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/43/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
File opened for reading	/proc/730/cmdline	1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf

/tmp/1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
/tmp/1cdaf1eca20accfbba7a63e7f0322e71616766fd38a0bd35cc094a22e8df9d2e.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:713

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads