Overview

overview

10

Static

static

10

61692b9332...2b.elf

debian-9-armhf

6

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    23/12/2024, 02:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    61692b93323b0b8699080be55f00a7f8b08676cf78a2927a913794347f30892b.elf

  • Size

    175KB

  • MD5

    3cb7f09ee95355d0ecf9166d196a2005

  • SHA1

    00b23ecc99df8164d128d033542730a326cb898d

  • SHA256

    61692b93323b0b8699080be55f00a7f8b08676cf78a2927a913794347f30892b

  • SHA512

    5d7dbf2a88fcddcaf09cf224582a139f0951aa0e3b1e28314dbdd205f49e83d613ac3ff7a85a7e1ee263ad6474420fc766c30967c04e75d509079d29a653a3f4

  • SSDEEP

    3072:3tbNtVjxrvAqTkYaDsh+OcAhf/HSwBjdo2nJ/o/wM/R8+n:3tdxr9oYaDsh+nAxRBBo2JgIM/R8+n

Score
6/10
discovery

Malware Config

Signatures

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/61692b93323b0b8699080be55f00a7f8b08676cf78a2927a913794347f30892b.elf
    /tmp/61692b93323b0b8699080be55f00a7f8b08676cf78a2927a913794347f30892b.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    PID:645

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads