9672abab573b4770264db09be4672170e8a5ace2beb2997cce1ec31dc1a90831 | Triage

Analysis

max time kernel
149s
max time network
160s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
05/03/2025, 06:32

Sharing

Report Analysis Logs

General

Target

Okami.arm4.elf
Size

103KB
MD5

e52e05ee9bab4ff88b3ee74b93cc7d70
SHA1

e710965854b34572cc306c0bac1bed329b1d5eb0
SHA256

9672abab573b4770264db09be4672170e8a5ace2beb2997cce1ec31dc1a90831
SHA512

ce6f5926970c770dcbbc21a78276da992a06e853fa84a1f55827d48da7c2ca8824aa50fae631edfcb65c700b8e490520c75c434b212a5e3e3c6fbd563e4c7192
SSDEEP

3072:oROlP82W5t0i0g5hWIxevff8iowWQQkha6Qzadn:dlWTL0g5hVxeHowWQQkha6Qzadn

Score

4^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	641	Okami.arm4.elf

/tmp/Okami.arm4.elf
/tmp/Okami.arm4.elf
1⤵
- Changes its process name
PID:641

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads