Analysis
-
max time kernel
140s -
max time network
185s -
platform
debian-9_armhf -
resource
debian9-armhf-20240611-en -
resource tags
arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem -
submitted
24-11-2024 01:06
Behavioral task
behavioral1
Sample
fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf
Resource
debian9-armhf-20240611-en
debian-9-armhf
2 signatures
150 seconds
General
-
Target
fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf
-
Size
105KB
-
MD5
1a4b79c705b2597ae41b0443957d6199
-
SHA1
56e96574b23152274161311d15e03c526eb09ce2
-
SHA256
fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c
-
SHA512
52f0ab8e2365fae38a3e277ea3063af69cff6c8d2f67f28c5b9c418bcc46d0ed360d74a838aa8eeeb72bea2dee1aaccf2312507c6e6befea79d6204ab6941f51
-
SSDEEP
3072:MSY+46m1qOzsshFPueFhkPmkZrQAhPDCXFke:06mgOzJhFPJEmkZrQAhPDCXFke
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
description ioc Process File opened for reading /proc/net/route fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description ioc Process File opened for reading /proc/net/route fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf