038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380 | Triage

Submit
Reports

Overview

overview

9

Static

static

038b0610a2...de0380

linux_mips

9

Sharing

General

Target

038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
Size

30KB
Sample

220521-xq8jcacdd6
MD5

5d5abd94f970f6a72658d087baa9701d
SHA1

fb691c535d1d120cc4ce0867374fb3c846c2c0ad
SHA256

038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
SHA512

49faaf5a8320155e0e1509466d8064c917aa7ed7ac26807635bf88200ccd61cd1c397e3afea15f9f296e0fb8a83e28f701d7e12678866b1dcdc9f7e5e9b11291

Score

9^/10

discovery linux

Static task

static1

Behavioral task

behavioral1

Sample

038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380

Resource

debian9-mipsbe-en-20211208

linux_mips

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
- Size
  
  30KB
- MD5
  
  5d5abd94f970f6a72658d087baa9701d
- SHA1
  
  fb691c535d1d120cc4ce0867374fb3c846c2c0ad
- SHA256
  
  038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
- SHA512
  
  49faaf5a8320155e0e1509466d8064c917aa7ed7ac26807635bf88200ccd61cd1c397e3afea15f9f296e0fb8a83e28f701d7e12678866b1dcdc9f7e5e9b11291
Score

9^/10

discovery
- Contacts a large (18207) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy