Analysis
- max time kernel: 37545s
- max time network: 148s
- platform: linux_mips
- resource: debian9-mipsbe-en-20211208
- resource tags: arch:mips image:debian9-mipsbe-en-20211208 kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
- submitted: 16/02/2023, 06:23
Behavioral task: behavioral1
Sample: 22ab49ed354edc0cf008522a30c3e275.elf
Resource: debian9-mipsbe-en-20211208
1 signatures
150 seconds
General
- Target: 22ab49ed354edc0cf008522a30c3e275.elf
- Size: 58KB
- MD5: 22ab49ed354edc0cf008522a30c3e275
- SHA1: 223e9f3e77eef7bbfc3d448a2e940dabca1ce3bc
- SHA256: 60b50c2d5f97adf6d03f2d99b4e333ff36d25c5242f4b3fac1abda820cd735f3
- SHA512: 424a4309a989abe9cbeb22046fd9d9b1a1d7ab72261efaac90c3563f10db7297a474f951792994db2859e2de5fbd258293068145774f4ade06bf6a2b5c96dea0
- SSDEEP: 768:h5OBtsh3wYI35T5UaCi9PosOUSLrp67wrKBuyx4uQxBqLBsJEg3hMkQ5/S3Fwe:Tb9Ip1vAs+yuyx4lsLBsyiGz5q3ee
Score: 5/10
Malware Config
Signatures
- Reads runtime system information (64 IoCs)
Reads data from /proc virtual filesystem.