Analysis

  • max time kernel
    0s
  • max time network
    153s
  • platform
    linux_mips
  • resource
    debian9-mipsbe-en-20211208
  • submitted
    08-07-2022 01:51

General

  • Target

    42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134

  • Size

    239KB

  • MD5

    5d0a617053c8653fdfe2dccc12ee4d9f

  • SHA1

    78725be873d3797aa1220c101391f2bef7758fe8

  • SHA256

    42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134

  • SHA512

    ae733c0c804900b87a277952e06f9d5cdc4448453ceebcb500855d4f07720618b4b8c621a5a4e34f581bfabd9913afd1df47fb18f12faba99db169d0b6015491

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • ./42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134
    ./42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134
    • Modifies rc script
    PID:324

Network

MITRE ATT&CK Enterprise v6
