de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453 | Triage

Submit
Reports

Overview

overview

9

Static

static

de073fc0db...8b8453

linux_mips

9

Sharing

General

Target

de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
Size

87KB
Sample

220521-xplyysccc6
MD5

530c13e5b48b598d9a9194e8d86f403f
SHA1

903786914dedeb06b8d470c07a51833e342b8e4b
SHA256

de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
SHA512

b3530d88474ce22d96bbdde90086157d09cd215831af32a0c7a6b60ff05ce281cbf797142182f1c083f32121be7cae0659eee950cca77861f4b51f511cc2ea72

Score

9^/10

discovery linux

Static task

static1

Behavioral task

behavioral1

Sample

de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453

Resource

debian9-mipsbe-en-20211208

linux_mips

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
- Size
  
  87KB
- MD5
  
  530c13e5b48b598d9a9194e8d86f403f
- SHA1
  
  903786914dedeb06b8d470c07a51833e342b8e4b
- SHA256
  
  de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
- SHA512
  
  b3530d88474ce22d96bbdde90086157d09cd215831af32a0c7a6b60ff05ce281cbf797142182f1c083f32121be7cae0659eee950cca77861f4b51f511cc2ea72
Score

9^/10

discovery
- Contacts a large (20207) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy