Analysis

  • max time kernel
    149s
  • max time network
    162s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf image:debian12-armhf-20240221-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    29-12-2024 22:57

General

  • Target

    main_arm7.elf

  • Size

    177KB

  • MD5

    bd827c8352a04573804d21482a13085d

  • SHA1

    3890590d599f90afb2213b48b26f38d736374314

  • SHA256

    5a83a114618b3ff9218749032e0db52284af78173721dcb01693d032c3f39db6

  • SHA512

    8fb97a8c0a3d7c1c57c02d601ca23ead997db541f8da0efb59cd50c040a0970762bb10e7ef9022d937c794abb5220433e82a0a2d00dbf9402113277750ca5284

  • SSDEEP

    3072:8Le6vh5G1QIruCee+asuTuRebU7IVILbZQe38YhTfYo+M/RzApthLn:0e6vfRIr1r+asuTuReAvLb/38+x+M/R+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Traces itself 2 IoCs

    Traces itself to prevent debugging attempts

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/main_arm7.elf
    /tmp/main_arm7.elf
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
    PID:709

Network

MITRE ATT&CK Matrix
