Analysis

  • max time kernel
    5s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240729-en
  • resource tags

    arch:armhf image:debian9-armhf-20240729-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    28-12-2024 03:01

General

  • Target

    efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece.elf

  • Size

    59KB

  • MD5

    7f662812ede5182b5c29a0fbc2ea1194

  • SHA1

    3039b2fec557819f487e25914342ea71c40f8f82

  • SHA256

    efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece

  • SHA512

    aa416ae5fe611567691c16f74db98a4a0afbba84c4c391ca346c55661fdc13ca68323b9be3c694cc7365e0d0be3bcf6422208dfa47be3c1172ec1b84b740b722

  • SSDEEP

    768:lP6aHMzAR6hM2uQBTPpdxnlILKU0vVONyjgGhd2G4NMiplImpcvwJZY10UoZvBqJ:0aHuAzgjjfUKU0NONyjgG+7XtJa10fB

Score
6/10

Malware Config

Signatures

  • Enumerates active TCP sockets 1 TTPs 1 IoCs

    Gets active TCP sockets from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece.elf
    /tmp/efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece.elf
    • Enumerates active TCP sockets
    • Reads system network configuration
    PID:660

Network

MITRE ATT&CK Enterprise v15
