217e9be37888e8f1dfc24258133d14486f687930249ee2cdb22ac0ab07a3f04e | Triage

Analysis

max time kernel
0s
max time network
4s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
05/03/2025, 07:37

Sharing

Report Analysis Logs

General

Target

jew.ppc.elf
Size

111KB
MD5

03ecd825a645257eae557c815d177748
SHA1

28903c371efc9e322466f4f9e1f445bb7f4594b2
SHA256

217e9be37888e8f1dfc24258133d14486f687930249ee2cdb22ac0ab07a3f04e
SHA512

281458debe56982ce0d1178f814b9c6bd52c4d536c17e45ed8140c15ec3527fcefeab2131a7eae9030917d296a153309a0699a4500518bac22125b30011f9fa9
SSDEEP

3072:o/1lxkoWAKnzOv6rDdVx549UJ5/GMB4b41qr/vBUQR6zAAgXP:zldVkUJ5/Geg/vBUQR6zAAgXP

Score

4^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	652	jew.ppc.elf

/tmp/jew.ppc.elf
/tmp/jew.ppc.elf
1⤵
- Changes its process name
PID:652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads