73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74

Analysis

max time kernel
0s
max time network
133s
platform
linux_mipsel
resource
debian9-mipsel-en-20211208
resource tags

arch:mipselimage:debian9-mipsel-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
01/12/2022, 15:47

Target

73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74
Size

351B
MD5

149a334ec82a7511bb1a1efa0ed3be8f
SHA1

26f85f3f0788fb17349bb0c6f16ccb75db7bf321
SHA256

73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74
SHA512

d7e61c4eedcba1b334dd8b764677b382819512de046960f0ccbd414e70b568e066f66fe3406f17822d9c2bb60463cc824c62be752ea7516116b9abfdb4535d8a

Score

5^/10

Reads runtime system information 2 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
/proc/filesystems	/proc/filesystems	crontab
/proc/filesystems	/proc/filesystems	crontab

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
/tmp/73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74	/tmp/73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74	73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74

/tmp/73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74
/tmp/73bbb1b50d27866e0cb2abdd5a0774eabd55cb79042814b64f8724f0655d5e74
1⤵
- Writes file to tmp directory
PID:332
- /bin/cat
  cat mech.dir
  2⤵
  PID:333
- /usr/bin/crontab
  crontab cron.d
  2⤵
  - Reads runtime system information
  PID:334
- /usr/bin/perl
  perl cyc.hold
  2⤵
  PID:339
- /usr/bin/crontab
  crontab -l
  2⤵
  - Reads runtime system information
  PID:340
- /bin/grep
  grep update
  2⤵
  PID:341
- /bin/chmod
  chmod u+x update
  2⤵
  PID:342