e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f

Analysis

max time kernel
150s
max time network
155s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
28-11-2024 03:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
Size

182KB
MD5

55fff637ad2247510526d8745abad3c2
SHA1

758fad13293dcb683db84449a5949384ae4255d6
SHA256

e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f
SHA512

01d8cc7dae9b16c7e821822541dced0250cac1e8f7d15c23c22e7d8a0bcd34f0e8c4fdefe2c0cb0b00666f4da618a68762e6911240914d4c4e108fd27c90c43c
SSDEEP

3072:PElcCbm2Pynp7kFaVA8GvMcMlVsqQo671/PjkoQVM/RNG:PElrXPypwFaVA8GEcqyom1/rpQVM/Rs

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M "	662	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/695/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/733/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/742/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/5/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/24/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/670/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/677/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/691/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/767/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/777/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/750/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/772/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/9/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/26/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/698/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/719/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/739/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/657/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/714/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/771/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/788/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/738/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/755/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/766/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/7/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/683/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/684/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/697/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/706/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/681/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/703/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/749/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/6/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/111/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/328/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/654/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/674/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/763/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/784/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/794/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/18/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/327/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/709/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/716/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/43/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/721/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/758/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/768/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/615/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/734/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/760/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/700/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/704/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/752/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/8/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/41/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/78/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/687/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/688/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/774/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/770/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/3/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/11/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
File opened for reading	/proc/20/cmdline	e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf

/tmp/e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
/tmp/e89740393b2eaa762d9de711ea7c903fa0fc3bfdae59631d72a0c2dd5c11931f.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:662

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads