68da537f746785385928f5d3d12168366d875eec37ceb7ee279b73171c952854

Analysis

max time kernel
146s
max time network
148s
platform
debian-9_mipsel
resource
debian9-mipsel-20240611-en
resource tags

arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
11-01-2025 06:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sst.elf
Size

110KB
MD5

6a55ead8eb2698f87fb09573d104d89f
SHA1

7a5041c2e7c9e97ecdf6db087077be557e8ef057
SHA256

68da537f746785385928f5d3d12168366d875eec37ceb7ee279b73171c952854
SHA512

aed7ca2d6fd7b8b1833708d24c95bf342511663ba0d93d7d6a890eae824c3ecde47f25cbc7943332020f8a4a6938571ac51e6f24c42245d63eea7eb45330fb15
SSDEEP

1536:/LeTEl+xRnSMOEr9ZTun5ATI3fMgHfCRDFqUmkiSFxfC7xbXe:/ISZEr9f6fMJjqUmkiSFxfKxbXe

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	sst.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	sst.elf

/tmp/sst.elf
/tmp/sst.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:705

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads