c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9

Analysis

max time kernel
149s
max time network
160s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
10-01-2025 03:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9.elf
Size

119KB
MD5

181bbb04ad8aeb8c587d5c5db62a9034
SHA1

9557d6b561a23eb8bd246d6653e5014f35f51f19
SHA256

c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9
SHA512

2f74e64400d75d93ecee64e0cfba6d61792c181ca4fc6fb0903f23b7dd8cae52f8a942d139950e173f531cf7a267a1bb62781fcffeb0e4f4843aa0622d462839
SSDEEP

3072:ZHxsY8kYWNKYCGACj7zQWWrU1PKN5QtX7I0bz3:0Y8XkDn7j7jPKN5QtX7I0bz3

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9.elf

/tmp/c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9.elf
/tmp/c82f09cfd95dc91ca98e5a5cda13e5652449bfa9946d5309867a6c4f6e1f0ed9.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:655

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads