Overview

overview

10

Static

static

10

f8184e7527...0c1598

debian-9-mips

7

Analysis

  • max time kernel
    30993s
  • max time network
    151s
  • platform
    linux_mips
  • resource
    debian9-mipsbe-en-20211208
  • resource tags

    arch:mipsimage:debian9-mipsbe-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    30-11-2022 12:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598

  • Size

    231KB

  • MD5

    883ba03abf873b9f15046c93661a56e5

  • SHA1

    55ccbc98eb2e5b44477b7f5d26da2b750c4f4224

  • SHA256

    f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598

  • SHA512

    b5fae4c396d3b0d49fba38947cbb2b7570b17cc8f8bdb75abe9e01fb0aa20b2469e62ba8a40bd4faf1a891ead8fef1d5e808ac52c705d9d5b09c3998467a171c

  • SSDEEP

    3072:T8ueXpv7VglR3RT2+gO2YyYpUqV7JP7H7TtQBE/PSqzkZmTeeIKjcPKPuW:wPzQnOq9nTtJdkZmTeeIKjcPKPuW

Score
7/10
persistence

Malware Config

Signatures

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence
  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598
    /tmp/f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598
    1⤵
      PID:320

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Boot or Logon Autostart Execution

    1
    T1547

    Privilege Escalation

    Boot or Logon Autostart Execution

    1
    T1547

    Defense Evasion

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads