bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c

Analysis

max time kernel
1s
max time network
153s
platform
debian-12_armhf
resource
debian12-armhf-20240221-en
resource tags

arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
submitted
19/02/2025, 05:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c.elf
Size

175KB
MD5

9c779dd03f0116c1db1af160a39b05d6
SHA1

1a6b6a6b6121d94f0c6f1d842be8ead9ffb18ae1
SHA256

bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c
SHA512

cb53a8362708f1f9210aad22e80a6a1d2ca152c9f021a42a1248aef85813d0c853bb449121a9aef1b292e886ccc758f2cbdaa6097ff92010514d711da983f544
SSDEEP

3072:KV/Yb/dnp+eQPGE+uTSaJ9XziklNNr349hRkUZoQr3zVbYM/98OnIFXmmw3Bq/1A:G+KSaJ9XzXlNW9hREQr3z+M/98rlmmw/

Score

7^/10

Malware Config

Signatures

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Adversary-in-the-Middle

T1557

description	ioc	Process
File opened for modification	/etc/resolv.conf	bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c.elf

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	711	bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c.elf

/tmp/bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c.elf
/tmp/bbd91c692d5e0754e82a982e7d6f2a4dcbfdd5af5e3d8819a8aec4203e1de83c.elf
1⤵
- Writes DNS configuration
- Changes its process name
PID:711

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Adversary-in-the-Middle

T1557

Discovery

Lateral Movement

Collection

Adversary-in-the-Middle

T1557

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads