Analysis
-
max time kernel
0s -
max time network
152s -
platform
debian-12_armhf -
resource
debian12-armhf-20240221-en -
resource tags
-
submitted
31-12-2024 07:48
General
-
Target
chernobyl.arm6.elf
-
Size
157KB
-
MD5
34a9e2878c4f4c1eab345d18e033db2e
-
SHA1
33e49592d3d7e4087badd191045c32ddb85e92fe
-
SHA256
c9e3cf153cad45b3f9ef7173e141fe0d66559d5b46f44cb9a271d84b4c488918
-
SHA512
191714373ed9019b2b9b62f188b7ba4e0ff95c2de7a692c0d1011332ab7307efde0301da8c685e3f3a0cd2201d27d85fa621bc1eb0b8a9c8bd32002d9a92d173
-
SSDEEP
3072:ChA2qd/yhKBgXz3uaOmzq+XCgEqxVXxg2mgwZBxSQzNa:32qd/2KBgD3ua/TXCgEqxVXVmgwZBxJg
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/chernobyl.arm6.elf/tmp/chernobyl.arm6.elf1⤵
- Reads system routing table
- Reads system network configuration