Analysis

  • max time kernel
    0s
  • max time network
    125s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20221111-en
  • resource tags

    arch:mips, image:debian9-mipsbe-20221111-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted
    06/12/2022, 22:50

General

  • Target

    fe30d2790811fd02645e8a6b96b5330c53b10461ca6c59b49c6bc22730295203

  • Size

    3KB

  • MD5

    0d6522ba4c16b458bfc39d098db546e6

  • SHA1

    ae73a1b8aafd868ffdab3bde932157dda551d0b1

  • SHA256

    fe30d2790811fd02645e8a6b96b5330c53b10461ca6c59b49c6bc22730295203

  • SHA512

    c70534b4bdda1db07eb6ebb9bff5ba98687acd9e4e9a639c73c3433be2281ee858f3cc1f69e762ead23ede508081ab6a2f3302f300874503b3614fb11b4acc9c

Score
5/10

Malware Config

Signatures

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/fe30d2790811fd02645e8a6b96b5330c53b10461ca6c59b49c6bc22730295203
    /tmp/fe30d2790811fd02645e8a6b96b5330c53b10461ca6c59b49c6bc22730295203
    1⤵
    • Writes file to tmp directory
    PID:330
    • /usr/bin/id
      id -u qmaild
      2⤵
      • Reads runtime system information
      PID:332
    • /usr/bin/id
      id -g qmaild
      2⤵
      • Reads runtime system information
      PID:336

Network

        MITRE ATT&CK Matrix
