Analysis

  • max time kernel
    149s
  • max time network
    157s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19-12-2024 02:31

General

  • Target

    318f3b4b6b2f531e4e751cabff838c28fe6428f98fd8afd2ed5b31dae14a4b0b.elf

  • Size

    130KB

  • MD5

    40f9cdbf19376d19ff3ef5fca9289194

  • SHA1

    bfd20653b0ab85622825731b60860367282ac549

  • SHA256

    318f3b4b6b2f531e4e751cabff838c28fe6428f98fd8afd2ed5b31dae14a4b0b

  • SHA512

    2c6979581d1805f39a82698fecf17b349b9298c25c15bc197be67cbdc1db2cdb044ac530b3f07f0b224196855fc39aef29f70c6edd86604af8fea66893150ba1

  • SSDEEP

    1536:LP8g2CSJG5mIOd34o1AE0Y1jAFrZ4V/3ETVONvva2MxjpChoDTl0bwywVFN+e4J8:L0FGM13V1jI45ERONvvmlpCe77QK

Score
6/10

Malware Config

Signatures

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/318f3b4b6b2f531e4e751cabff838c28fe6428f98fd8afd2ed5b31dae14a4b0b.elf
    /tmp/318f3b4b6b2f531e4e751cabff838c28fe6428f98fd8afd2ed5b31dae14a4b0b.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    PID:653

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads