Analysis

  • max time kernel
    0s
  • max time network
    124s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20221111-en
  • resource tags

    arch:mips image:debian9-mipsbe-20221111-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    24/11/2022, 03:12

General

  • Target

    267e645cc707c78039866cd189feb8c2854136e01d98065b65cef39874ac108d

  • Size

    417B

  • MD5

    50087575bb4fb7dfa44032857f73be14

  • SHA1

    26435414419711b23639500c4ee0ff923fc63117

  • SHA256

    267e645cc707c78039866cd189feb8c2854136e01d98065b65cef39874ac108d

  • SHA512

    db01849f07f3197c76f9c37bccb1e347516fa19142b0a7f8ef006cc4b5f726f9ab497921ad656d4fbd0be67e3ee5dcc8423a174cc9fa07486de20f91087f6281

Score
5/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 3 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/267e645cc707c78039866cd189feb8c2854136e01d98065b65cef39874ac108d
    /tmp/267e645cc707c78039866cd189feb8c2854136e01d98065b65cef39874ac108d
    1⤵
    • Writes file to tmp directory
    PID:334
    • /bin/mkdir
      mkdir /tmp/ln
      2⤵
      • Reads runtime system information
      PID:336
    • /bin/ln
      ln /bin/ping /tmp/ln/target
      2⤵
        PID:339
      • /bin/rm
        rm -rf /tmp/ln/
        2⤵
        • Writes file to tmp directory
        PID:340
      • /usr/bin/gcc
        gcc -w -fPIC -shared -o /tmp/ln x.c
        2⤵
          PID:341
      • /proc/self/fd/3
        /proc/self/fd/3
        1⤵
          PID:334

Network

MITRE ATT&CK Matrix
