8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278

Analysis

max time kernel
19719s
max time network
153s
platform
linux_mipsel
resource
debian9-mipsel-en-20211208
resource tags

arch:mipselimage:debian9-mipsel-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
24-07-2022 22:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278
Size

240KB
MD5

f3d3ba9da9123d200fe6627d970838cd
SHA1

c780af224fc7c82524c1fa6c9392d2805a631436
SHA256

8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278
SHA512

21bf1baa84b5470c45185bb0511b1669664d43d90b2dd61df401889b3ca08933013a7da8b445808ad2e4624d1b9de58b893ff97edef13691b919ae33d72e742c

Score

7^/10

persistence

Malware Config

Signatures

Modifies rc script 1 TTPs 1 IoCs

Adding/modifying system rc scripts is a common persistence mechanism.

persistence

Boot or Logon Autostart Execution

T1547

description	ioc	Process
/etc/rc.d/rc.local	/etc/rc.d/rc.local	8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc
/proc/net/route	/proc/net/route

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc
/proc/net/route	/proc/net/route

/tmp/8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278
/tmp/8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278
1⤵
- Modifies rc script
PID:331

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads