Analysis

  • max time kernel
    19648s
  • max time network
    152s
  • platform
    linux_mipsel
  • resource
    debian9-mipsel-en-20211208
  • resource tags

    arch:mipsel
    image:debian9-mipsel-en-20211208
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mipsel
    system
  • submitted
    24-07-2022 03:06

General

  • Target

    59b600a86331f3044aed2524393c133ad20a2f98319c4e30727962b9626dc06e

  • Size

    131KB

  • MD5

    9077ee51ad1527399751cc94111dd728

  • SHA1

    49434d2a42f786b38015e45f5b70c644b4a540b1

  • SHA256

    59b600a86331f3044aed2524393c133ad20a2f98319c4e30727962b9626dc06e

  • SHA512

    aad470b929f31e7ce31f90a3b29c65c27e59d9a54993c9c6b303756cd39a13fa56fa9b5010a8d5fea5bf7963918e818ec1803ce47c2300016456b0cc0f10e476

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

Processes

  • /tmp/59b600a86331f3044aed2524393c133ad20a2f98319c4e30727962b9626dc06e
    /tmp/59b600a86331f3044aed2524393c133ad20a2f98319c4e30727962b9626dc06e
    • Modifies rc script
    PID:325

Network

MITRE ATT&CK Enterprise v6
