Analysis

  • max time kernel
    10848s
  • max time network
    147s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20221111-en
  • resource tags

    arch:mipsel image:debian9-mipsel-20221111-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mipsel system
  • submitted
    17-03-2023 07:34

General

  • Target

    79b109349de9c2dcef20bd811c92b9ea.elf

  • Size

    151KB

  • MD5

    79b109349de9c2dcef20bd811c92b9ea

  • SHA1

    d2798e7b86b6fb0578d7faf25f771cb3f69fa141

  • SHA256

    5b1a9229a68f1da2c030073e6c92ac0144c0e1d0a239656485dd65fb7fcf16b5

  • SHA512

    73bc7ea8bb1b928f2b4ad5910e3e05b473fafa50dd9d9fd5541ffd85e787339c346bb1f84995dc71cad5fd6eeb7758674209cd21845e6ea76a8774dd2df61a16

  • SSDEEP

    3072:dgZc9h1jlnLA2PiXYeyCcFVNMVGuo9mrThPaLEnvPrNb:dd7lnLA2PiIeyZFVWDo9mrThPaLEnvP5

Score
9/10

Malware Config

Signatures

  • Modifies the Watchdog daemon 1 TTPs

    Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/79b109349de9c2dcef20bd811c92b9ea.elf
    • Reads system routing table
    • Reads system network configuration
    PID:393

Network

MITRE ATT&CK Enterprise v6
