Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    16-12-2024 02:32

General

  • Target

    9dc918709324a4b120d8811d3fe7e6fc75ec2ef02a2ea0166ad93f2c2f7a53e7.elf

  • Size

    130KB

  • MD5

    1abbfe1b6c9f7c51a59fd60bfeec77a8

  • SHA1

    3ce4b9e95625ebbd7e472ab6a56a5eaf7c64e709

  • SHA256

    9dc918709324a4b120d8811d3fe7e6fc75ec2ef02a2ea0166ad93f2c2f7a53e7

  • SHA512

    8839f3513e4b2a18c09fa7d0f49b0940fec0aa653e5bf052cfe0c0f7c48df997b0c5b1d1ecb7281e0ae69ac9b4171e43b913e8d90d3e77609909df2781164c81

  • SSDEEP

    1536:wKdzElm18uZJNb4AeFa8eAZHk4VB7fzTTfHh+gYSvvqeqZfB20ly+wyw6RNP8TG+:wKp50BU8e947LPHh+zS6thBZ6xKo

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Traces itself 2 IoCs

    Traces itself to prevent debugging attempts

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/9dc918709324a4b120d8811d3fe7e6fc75ec2ef02a2ea0166ad93f2c2f7a53e7.elf
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
    PID:648

Network

MITRE ATT&CK Matrix
