Analysis
-
max time kernel
149s -
max time network
151s -
platform
debian-9_armhf -
resource
debian9-armhf-20240418-en -
resource tags
-
submitted
09/12/2024, 02:26
General
-
Target
643fd25e7212d48feda437a87494ca9dc5482a483a703ec435bb0427df661e5a.elf
-
Size
126KB
-
MD5
38b82dfde503b66e2234b4e482ae6773
-
SHA1
31839843166e40ad92c3bda2c8d0624222f940ca
-
SHA256
643fd25e7212d48feda437a87494ca9dc5482a483a703ec435bb0427df661e5a
-
SHA512
3c281b60468bd4cc4246fd5fd47c9e779610d4d3898001a745928c6e7c97dcc0613b3ad8b352afb282ba35c87b3ac4495699b72ae20d0e0075f0a3346c7e070c
-
SSDEEP
1536:pXKa0rG5yC/cMChygtwOBdWFAcJX4VlgXTA70FoDUGBr7k51WhPV1lHFwywEReQd:pKaprMh7eOXWFh4UX40FoDJBkvWR2SO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Traces itself 2 IoCs
Traces itself to prevent debugging attempts
-
Changes its process name 1 IoCs
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/643fd25e7212d48feda437a87494ca9dc5482a483a703ec435bb0427df661e5a.elf/tmp/643fd25e7212d48feda437a87494ca9dc5482a483a703ec435bb0427df661e5a.elf1⤵
- Deletes itself
- Traces itself
- Changes its process name
- Writes file to tmp directory