Analysis
-
max time kernel
150s -
max time network
162s -
platform
debian-9_armhf -
resource
debian9-armhf-20240611-en -
resource tags
-
submitted
07-12-2024 09:47
General
-
Target
a-r.m-5.Sakura.elf
-
Size
98KB
-
MD5
78105878c2bcacf9fd13adec1e5c4375
-
SHA1
2f7195f3435cf620f37c780368b12fe1e2c2013d
-
SHA256
e8bebdf7b8dc2de8e75d5eefe79ad542c844489a66e55aea6245b8dad826a4ba
-
SHA512
945a77dc48274a28d4c0e09fae55378fb314cbee51aa58f4cb272f35bf652f351de5a99dea80f03da7621a525143eead2161952e29aa8120514e5a5b73de3607
-
SSDEEP
3072:VSx+i6mqaObhNRnPNKV+qKmZuqQ4DPwXXtse:y6mRObnRnP7qKmZuqQ4DPwXXtse
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/a-r.m-5.Sakura.elf/tmp/a-r.m-5.Sakura.elf1⤵
- Reads system routing table
- Reads system network configuration