Analysis
- max time kernel: 0s
- max time network: 144s
- platform: linux_mipsel
- resource: debian9-mipsel-en-20211208
- resource tags: arch:mipsel, image:debian9-mipsel-en-20211208, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
- submitted: 27-11-2022 18:00
Static task
static1
Behavioral task
behavioral1
Sample
44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral2
Sample
44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral3
Sample
44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
Resource
debian9-mipsbe-20221111-en
Behavioral task
behavioral4
Sample
44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
Resource
debian9-mipsel-en-20211208
General
- Target: 44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
- Size: 25KB
- MD5: 688942d8f40c093835695d18306676dc
- SHA1: 97f2b8593fc4f507c12de53af234cfabc4ae839d
- SHA256: 44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
- SHA512: 806733f8428b027d54f9c93ad17566c9c337c921d09e721b17ca6ff815db0a4771fa1bd6546ef6178f8029b34c10e31beb43f594cea748f6a968fd21f5b51766
- SSDEEP: 384:fAGsevQ4rDp2q7wuG5q6Q7fy4U+07kL3lT:DsevQ4rDp2q7hG5qJmo0oL3N
Malware Config
Signatures
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
description ioc process
/tmp/44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe /tmp/44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe 44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
Processes
- /tmp/44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe: /tmp/44fc2f6ca26daf72a056222416c56c0853018016f1c19bf385e7d48028452ffe
  - Writes file to tmp directory
- /usr/local/sbin/uname: uname -a
- /usr/local/bin/uname: uname -a
- /usr/sbin/uname: uname -a
- /usr/bin/uname: uname -a
- /sbin/uname: uname -a
- /bin/uname: uname -a