Malware Analysis Report

2025-04-03 14:16

Sample ID 250312-cp8shavvd1
Target 1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183.elf
SHA256 1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183
Tags
golddigger
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183

Threat Level: Known bad

The file 1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183.elf was found to be: Known bad.

Malicious Activity Summary

golddigger

Golddigger family

GoldDigger payload

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2025-03-12 02:16

Signatures

GoldDigger payload

Description Indicator Process Target
N/A N/A N/A N/A

Golddigger family

golddigger

Analysis: behavioral1

Detonation Overview

Submitted

2025-03-12 02:16

Reported

2025-03-12 02:18

Platform

debian12-armhf-20240221-en

Max time kernel

0s

Max time network

147s

Command Line

[/tmp/1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183.elf]

Signatures

N/A

Processes

/tmp/1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183.elf

[/tmp/1f1f7c69e432b41cdf522de890af713d05a640f0bcfeb8743517fe01d55fe183.elf]

Network

Country Destination Domain Proto
AU 1.1.1.1:53 debian12-armhf-20240221-en-2 udp
AU 1.1.1.1:53 debian12-armhf-20240221-en-2 udp
AU 1.1.1.1:53 debian12-armhf-20240221-en-2 udp
AU 1.1.1.1:53 debian12-armhf-20240221-en-2 udp

Files

N/A