Analysis

  • max time kernel
    145s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240729-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240729-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    01/03/2025, 03:41

General

  • Target

    8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05.elf

  • Size

    108KB

  • MD5

    dda1e45981458bf8a12c4baf6a3c09eb

  • SHA1

    3eee156bc96d79ce7fc7efd94140709c41d48c50

  • SHA256

    8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05

  • SHA512

    a3139e44bd96035808d90e675494be632d0bd8c2d5ad5fa44d17a86d5a9312f6b58256e95b2a52c8b06151ab454ca1d1c96c0843a6b9ad3220c0f798c30e186f

  • SSDEEP

    3072:01rJLKDLzea8Yj+yYGIGZfZQomiQ9WtX9+a:01rJgzea+yYG1QomiQ9Wx9+a

Score
6/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05.elf
    /tmp/8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05.elf
    • Reads system routing table
    • Reads system network configuration
    PID:646

Network

MITRE ATT&CK Enterprise v15
