2bf9715f2071b8504588a7e001b843c7b2bb0dbd8cced6406f0e10dd32850add

Analysis

max time kernel
146s
max time network
148s
platform
debian-9_armhf
resource
debian9-armhf-20240418-en
resource tags

arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
10/04/2025, 08:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

m-6.8-k.ISIS.elf
Size

161KB
MD5

5b1f068dcc04cc24978d52418431fbcc
SHA1

92c0ca9886b907514f7ed40edc0f5bbc8a0e38f6
SHA256

2bf9715f2071b8504588a7e001b843c7b2bb0dbd8cced6406f0e10dd32850add
SHA512

3acf5d0b0565ba2a28811a335814208ec2e8bc21d042f7b4d711c4c32dcfb3d780cfabe2b7b4f622575da1df3e00b2bc2a3a524b50641d2d242f982ed9d2f116
SSDEEP

3072:AdkbJBagqhj7yLWcugMcrSELnpQEM/9q4MCmpwfFRQfVE:MkNBagqhjWLycrNLnpzM/95MCmpwfFau

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	m-6.8-k.ISIS.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	m-6.8-k.ISIS.elf

/tmp/m-6.8-k.ISIS.elf
/tmp/m-6.8-k.ISIS.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:638

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v16

Replay Monitor

Loading Replay Monitor...

Downloads