Analysis

  • max time kernel
    8230s
  • max time network
    152s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20221111-en
  • resource tags

    arch:mips image:debian9-mipsbe-20221111-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    14-02-2023 23:59

General

  • Target

    d1ad0d914039816e7c90d693fb622935.elf

  • Size

    144KB

  • MD5

    d1ad0d914039816e7c90d693fb622935

  • SHA1

    0f25ed799934cf40dd3cfe17fbf88aeca5fbea27

  • SHA256

    1375348b20b4a2f78dc4f54226393ad7bf88dc8bb6879a1fb28b23dd90e44583

  • SHA512

    ed36bb069740c02d2aa4929d0664efca1be0edb8443ca70234888198cbb2970941450d73754341a861fb94192775488ff9a16ec655d0f72cad6be3f1a9fdd10f

  • SSDEEP

    1536:Dd7jY1TFEq+/7sg2rK4xax+FagaC2rK4HaQxkqHe+0TvvbYPeIFr267UDKSshmvE:SL/y5kBTvvb4SOUDwhmvj3q+13Botx5

Score
9/10

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/d1ad0d914039816e7c90d693fb622935.elf
    /tmp/d1ad0d914039816e7c90d693fb622935.elf
    • Reads system routing table
    • Reads system network configuration
    PID:323

Network

MITRE ATT&CK Enterprise v6
