Analysis

  • max time kernel
    140s
  • max time network
    185s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240611-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    24-11-2024 01:06

General

  • Target

    fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf

  • Size

    105KB

  • MD5

    1a4b79c705b2597ae41b0443957d6199

  • SHA1

    56e96574b23152274161311d15e03c526eb09ce2

  • SHA256

    fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c

  • SHA512

    52f0ab8e2365fae38a3e277ea3063af69cff6c8d2f67f28c5b9c418bcc46d0ed360d74a838aa8eeeb72bea2dee1aaccf2312507c6e6befea79d6204ab6941f51

  • SSDEEP

    3072:MSY+46m1qOzsshFPueFhkPmkZrQAhPDCXFke:06mgOzJhFPJEmkZrQAhPDCXFke

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf
    • Reads system routing table
    • Reads system network configuration
    PID:655

Network

    No results found
  • 188.245.84.178:1865
    360 B
    6
  • 188.245.84.178:1865
    360 B
    6
  • 188.245.84.178:1865
    360 B
    6
  • 188.245.84.178:1865
    360 B
    6
  • 188.245.84.178:1865
    240 B
    4
No results found

MITRE ATT&CK Enterprise v15
