Analysis

  • max time kernel
    149s
  • max time network
    161s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf image:debian12-armhf-20240221-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    26-12-2024 02:03

General

  • Target

    17513266e377eef6eb055a162d5bff5a4b72f142eebfb0b64bbe0666843a62bf.elf

  • Size

    177KB

  • MD5

    8669c377f312b7b18f26048a27b217bc

  • SHA1

    967ab691369b4af4058d267542c546f86c70924c

  • SHA256

    17513266e377eef6eb055a162d5bff5a4b72f142eebfb0b64bbe0666843a62bf

  • SHA512

    25ca861024de512b98cdaf1693cb2542c31ccc40e6e880c35a66f7a5f8a5b4a2018d845e928506f3611d4b97eb0fde3d637ed19da158d1f25549e685a9b2c70b

  • SSDEEP

    3072:OLe6vh31QIruCee+asuTuRebU7IVILHZQy38YhTfYo+M/Rvs1tlLn:ee6vhaIr1r+asuTuReAvLH738+x+M/RO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Traces itself 2 IoCs

    Traces itself to prevent debugging attempts

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/17513266e377eef6eb055a162d5bff5a4b72f142eebfb0b64bbe0666843a62bf.elf
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
    PID:711

Network

MITRE ATT&CK Matrix
