bc5964d46a872260b429717a7263ccbece8592b34b84869563d6092c868a253a

Analysis

max time kernel
0s
max time network
76s
platform
debian-9_mips
resource
debian9-mipsbe-20221111-en
resource tags

arch:mipsimage:debian9-mipsbe-20221111-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
01/02/2023, 03:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mips
Size

36KB
MD5

2a0dace3cfe5115995f26768f711f011
SHA1

f5840e00ba9aaf28c5542944bfdfbd9cc0d0f281
SHA256

bc5964d46a872260b429717a7263ccbece8592b34b84869563d6092c868a253a
SHA512

b19af04fefbcdeb53cd812b8d0c979fbd96d6d13c1205ee773c754c887870fd4ef578799b8c0b5b8adc5a01c47491b9b5b770b0183bef5da47c156db518541c4
SSDEEP

384:HeHq05iI2EGySkjocP9MjzTrT0jGLU1ZYORKEiSsd9dA/OmU4xki+nWy2xp4Rds7:+GIGjzb0fald9dsOpyki+nWyguTi

Score

9^/10

antivm

Malware Config

Signatures

Attempts to identify hypervisor via CPU configuration 1 TTPs 1 IoCs

Checks CPU information for indicators that the system is a virtual machine.

antivm

Virtualization/Sandbox Evasion

T1497

description	ioc
/proc/cpuinfo	/proc/cpuinfo

Modifies the Watchdog daemon 1 TTPs
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

Impair Defenses
T1562

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
/tmp/mips	/tmp/mips	mips

/tmp/mips
/tmp/mips
1⤵
- Writes file to tmp directory
PID:329

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

T1562

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads