Analysis

  • max time kernel
    138s
  • max time network
    142s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf image:debian9-armhf-20240611-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    10-01-2025 18:54

General

  • Target

    ngwa5.elf

  • Size

    138KB

  • MD5

    de35399ca5e5a0279e81f8684f881ef5

  • SHA1

    e650270eb095c3bcd46b584a7362ebed2072a976

  • SHA256

    2af4488381adf88522c2b490c0ee889dda0f581bc5626b0eb8117e6e451138a1

  • SHA512

    665020b803744dbc197c941374b3c25696026f60ae2e619f70612e87dd706118f936712a8770fcd58e50171757b2d42aae018b49affcb3bdaa57f4c2551660e7

  • SSDEEP

    1536:xEYRH9HK+hcCwXc5Q2xhr4Vt30TyWXcFnnvxOthrijO4FqAlhmwyw8/uBwhxxvK5:xEYrp75Qu4L0O8cFn0cOw9hrF

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/ngwa5.elf
    /tmp/ngwa5.elf
    • Deletes itself
    • Changes its process name
    PID:661

Network

MITRE ATT&CK Matrix
