Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    24-12-2024 01:01

General

  • Target

    4635fa4a1b51aa255660ea65d35ae51fa9a010d563a78a39e3b6e3b19a70d133.elf

  • Size

    180KB

  • MD5

    1dda88dbd2c59d84714bc4ec05e23580

  • SHA1

    94565d334d29e8f6a2210b4e1753f0c5e792851d

  • SHA256

    4635fa4a1b51aa255660ea65d35ae51fa9a010d563a78a39e3b6e3b19a70d133

  • SHA512

    2306d5c0a0c074e3093e547066cddbb8a7983e59a40919042e2831e90195f9f73bd7a030553f9ccad202993eb13a72921b5eb34efe166e950952f50161585f81

  • SSDEEP

    3072:5UStdNqma1W9YHk9ah/QqXFgwakY7mo6nx/YpEoGM/RhkwLTNN:qSnNE1W6E9ah/Qq1gB2o2x/yJGM/Rhku

Score
6/10

Malware Config

Signatures

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/4635fa4a1b51aa255660ea65d35ae51fa9a010d563a78a39e3b6e3b19a70d133.elf
    /tmp/4635fa4a1b51aa255660ea65d35ae51fa9a010d563a78a39e3b6e3b19a70d133.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    PID:641

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads