General
- Target: Mips.elf
- Size: 1.9MB
- Sample: 221004-1h7hvscfd6
- MD5: ae5592bdb0464f06c88f665282991b82
- SHA1: be5bf9dfec7fae911666060f584b4ffd0b04185f
- SHA256: 18a4352b2101b4fa81652d5fce34b08ed7def8bd40e413cebf991ede97692a02
- SHA512: 4c57878362b342a0928c8ddcb3fccff79be1ee0164e4f16c2d5169d14ea8ce322ac37693f965e8584fa950d733b70fe3d084cce4cf3675d62104482404b870a0
- SSDEEP: 49152:Um7vtBcWDjchCCpjy3WT/N7SExRtmbj2mEE5MBn:U67cWDoggmrExRtmbHEE2Bn
Static task: static1
Behavioral task: behavioral1
Sample: Mips.elf
Resource: debian9-mipsbe-en-20211208
Malware Config
Targets
- Target: Mips.elf
Score: 10/10
- Attempts to identify hypervisor via CPU configuration
  Checks CPU information for indicators that the system is a virtual machine.
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.