Analysis

Category Package Started Completed Duration
FILE elf 2019-11-08 21:58:35 2019-11-08 21:58:55 20 seconds
  • Info: Analysis failed: Unable to import package "modules.packages.elf", does not exist.
procdump = 1
2019-11-08 21:58:37,015 [root] INFO: Date set to: 11-08-19, time set to: 21:58:37, timeout set to: 200
2019-11-08 21:58:37,046 [root] DEBUG: Starting analyzer from: C:\jwpzntfq
2019-11-08 21:58:37,046 [root] DEBUG: Storing results at: C:\kvsAWy
2019-11-08 21:58:37,046 [root] DEBUG: Pipe server name: \\.\PIPE\bqPXQnb
2019-11-08 21:58:37,046 [root] DEBUG: No analysis package specified, trying to detect it automagically.
2019-11-08 21:58:37,046 [root] INFO: Automatically selected analysis package "elf"
2019-11-08 21:58:37,062 [root] ERROR: Traceback (most recent call last):
  File "C:\jwpzntfq\analyzer.py", line 1332, in <module>
    success = analyzer.run()
  File "C:\jwpzntfq\analyzer.py", line 1047, in run
    "not exist.".format(package_name))
CuckooError: Unable to import package "modules.packages.elf", does not exist.

MalScore

0.0

Benign

Machine

Name Label Manager Started On Shutdown On
target-02 target-02 ESX 2019-11-08 21:58:36 2019-11-08 21:58:55

File Details

File Name f7317fa6163f12c7175e1c03e9d77edc
File Size 1665 bytes
File Type ERROR: ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linkederror reading (Invalid argument)
MD5 f7317fa6163f12c7175e1c03e9d77edc
SHA1 919cbc4f4b067dff149407886d68a34f56cc8007
SHA256 3465e0045f3b462b02d0f9426e0f10c68b4a1cb3c411dd35b92c3c95681701c6
SHA512 8324d0495b4eb05a133716553d2f6ff635f8be9aac5bc29a56d840183ba4205d77073f8a7d12c6e14d536c2e7d99ab558925631466d0d4104bfc710c0154f4fd
CRC32 80597BD4
Ssdeep 48:IGwU+sikemGxBEsPXsOL5mtBaLExwDeRG:I9xXEOLstBayIeRG
TrID
  • 100.0% (.O) ELF Executable and Linkable format (generic) (4000/1)
ClamAV None matched
Yara None matched
CAPE Yara None matched

Signatures

No signatures


Screenshots

No screenshots available.

Hosts

No hosts contacted.

DNS

No domains contacted.


Summary

No static analysis available.
dvrHelper
aeabi
.shstrtab
.text
.rodata
.data
.ARM.attributes
This file is not on VirusTotal.

TCP

No TCP connections recorded.

UDP

No UDP connections recorded.

HTTP Requests

No HTTP requests performed.

SMTP traffic

No SMTP traffic performed.

IRC traffic

No IRC requests performed.

ICMP traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No dropped Suricata Extracted files.

JA3

No JA3 hashes found.

Sorry! No dropped files.
Sorry! No CAPE files.
Sorry! No process dumps.

Processing ( 0.364 seconds )

  • 0.113 TrID
  • 0.101 CAPE
  • 0.086 TargetInfo
  • 0.049 Static
  • 0.007 AnalysisInfo
  • 0.007 NetworkAnalysis
  • 0.001 Debug

Signatures ( 0.046 seconds )

  • 0.008 ransomware_files
  • 0.007 antiav_detectreg
  • 0.003 persistence_autorun
  • 0.003 antiav_detectfile
  • 0.003 infostealer_ftp
  • 0.003 ransomware_extensions
  • 0.002 browser_security
  • 0.002 infostealer_bitcoin
  • 0.002 infostealer_im
  • 0.001 tinba_behavior
  • 0.001 rat_nanocore
  • 0.001 cerber_behavior
  • 0.001 antianalysis_detectfile
  • 0.001 antianalysis_detectreg
  • 0.001 antivm_vbox_files
  • 0.001 antivm_vbox_keys
  • 0.001 geodo_banking_trojan
  • 0.001 bot_drive
  • 0.001 modify_proxy
  • 0.001 disables_browser_warn
  • 0.001 infostealer_mail
  • 0.001 masquerade_process_name

Reporting ( 0.0 seconds )

Task ID 108523
Mongo ID 5dc5e52103bfea2d656a12d0
Cuckoo release 1.3-CAPE