Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    12-12-2024 02:07

General

  • Target

    1c1dc1423dcc8ad33c0c384334766ea2d3393fe9f0a342717a2e1ba5e069a3a1.elf

  • Size

    130KB

  • MD5

    06310d6b0a1b04ff36e52b4c2e5bbb12

  • SHA1

    2a0ac071d55361af65500e8242de7f63c5714abb

  • SHA256

    1c1dc1423dcc8ad33c0c384334766ea2d3393fe9f0a342717a2e1ba5e069a3a1

  • SHA512

    1f5e1e449319194c42e80362e34d1d302e584e8293bd0391da4f16c281bd5c28870c472e90580bf28e7685faa3bd8e28ec1fbfa8228917d33e171918d7bc779b

  • SSDEEP

    1536:wKdzElm18uZJNb4A/Fa8eAZHk4VB7fzTTfHh+gYSvvqeqZfB20ly+wyw6RNP8TGf:wKp50wU8e947LPHh+zS6thBZ6xKV

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Traces itself 2 IoCs

    Traces itself to prevent debugging attempts

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/1c1dc1423dcc8ad33c0c384334766ea2d3393fe9f0a342717a2e1ba5e069a3a1.elf
    /tmp/1c1dc1423dcc8ad33c0c384334766ea2d3393fe9f0a342717a2e1ba5e069a3a1.elf
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
    PID:646

Network

MITRE ATT&CK Matrix
