Analysis

  • max time kernel: 7484s
  • max time network: 150s
  • platform: debian-9_mips
  • resource: debian9-mipsbe-20221111-en
  • resource tags: arch:mips, image:debian9-mipsbe-20221111-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted: 06-02-2023 08:38

General

  • Target: 4aa3cde5e5d83fc075ccf9da6c6124cf.elf
  • Size: 339KB
  • MD5: 4aa3cde5e5d83fc075ccf9da6c6124cf
  • SHA1: 1e814210a7e4846adc8b2179a8b566d58dd1e895
  • SHA256: 424fee63e1f2500477c045128f266f590e1874002c4c78af3ac10cddc52e4e1b
  • SHA512: 454ff7dd3b2712ef54b906ec78a04ba3ad0758a6969ee213445ec8b6183c4bb442198ba2677f6e561f5eb49eb379981e811c06f712c737a4c9bc42adccc4fee6
  • SSDEEP: 3072:+W4o266jYK5JvWpA5JrjMhzj0eiYdhHOuy4yzMPKfpEMTWT6Xy9tdw6DW9WtD74N:+6Ff9ZuMcEMTWTsitLDW9Wx74Q8YrkBz

Score
9/10

Malware Config

Signatures

  • Modifies the Watchdog daemon (1 TTP)

    Malware like Mirai modifies the watchdog to prevent it from restarting an infected system.

  • Writes file to system bin folder (1 TTP, 2 IoCs)
  • Reads system routing table (1 TTP, 1 IoC)

    Gets active network interfaces from the /proc virtual filesystem.

  • Reads system network configuration (1 TTP, 1 IoC)

    Uses the contents of the /proc filesystem to enumerate network settings.

Processes

  • /tmp/4aa3cde5e5d83fc075ccf9da6c6124cf.elf
    /tmp/4aa3cde5e5d83fc075ccf9da6c6124cf.elf
    • Reads system routing table
    • Reads system network configuration
    PID: 330

Network

MITRE ATT&CK Enterprise v6
