Analysis

  • max time kernel
    140s
  • max time network
    185s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    24-11-2024 01:06

General

  • Target

    fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf

  • Size

    105KB

  • MD5

    1a4b79c705b2597ae41b0443957d6199

  • SHA1

    56e96574b23152274161311d15e03c526eb09ce2

  • SHA256

    fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c

  • SHA512

    52f0ab8e2365fae38a3e277ea3063af69cff6c8d2f67f28c5b9c418bcc46d0ed360d74a838aa8eeeb72bea2dee1aaccf2312507c6e6befea79d6204ab6941f51

  • SSDEEP

    3072:MSY+46m1qOzsshFPueFhkPmkZrQAhPDCXFke:06mgOzJhFPJEmkZrQAhPDCXFke

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf
    /tmp/fd830c02492d532df51a67b2ee3a481bc0ff31a7f5809a044389b4db1f2c373c.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:655

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads