1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124

Analysis

max time kernel
121s
max time network
126s
platform
debian-12_mipsel
resource
debian12-mipsel-20240418-en
resource tags

arch:mipselimage:debian12-mipsel-20240418-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
03/03/2025, 02:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124.elf
Size

171KB
MD5

24598a94e9cf8b9ede0fec1482a25ed1
SHA1

236d2b693107f268c52f7c1b8d909d5d5c2dbbe1
SHA256

1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124
SHA512

cdd54a4d9863a05bab28097b790ba2bc7cc12d2b1ff18a3dff90d24477fe6fd9e79b2a9d52bd96e551aadee903172d7ba6b62ffb9338705b22f0ff2b85166222
SSDEEP

3072:sCQ9W+9HQ1wsboetJ8add9Qzhs543odtDDqucwVi+MJk:sCN9bboetJ8addQMhdtDDqucw4+MJk

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124.elf

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	743	1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124.elf

/tmp/1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124.elf
/tmp/1af158829c1eaab13fd4f10719306e635e2f1bd391cf09129f2a786ae94cf124.elf
1⤵
- Reads system routing table
- Changes its process name
- Reads system network configuration
PID:743

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads