Analysis

  • max time kernel
    10858s
  • max time network
    152s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20221111-en
  • resource tags

    arch:mips, image:debian9-mipsbe-20221111-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted
    17-03-2023 10:03

General

  • Target

    3e07eb641db5dd8196c79b3f7d87b3c3.elf

  • Size

    151KB

  • MD5

    3e07eb641db5dd8196c79b3f7d87b3c3

  • SHA1

    6fff83fb7411bf8466b808bd2337de336ad0cfad

  • SHA256

    95f312bcbe88e0404ebf829e99b82a638a80e37c5eacee2ff53006815192044c

  • SHA512

    5e44cf69321c192ca7a5cd99860b917915cddc1037a4ec8b30588a4e7df959602906f9346d3323d287eeeefc1b67c713a11629567f2a3940ac7b1f86c9daccc3

  • SSDEEP

    3072:JW6dm9tS1aRGQdK76t/zCVI5mrThPaLEnvPrNb:c6IG+LCKmrThPaLEnvPrNb

Score
9/10

Malware Config

Signatures

  • Modifies the Watchdog daemon (1 TTPs)

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/3e07eb641db5dd8196c79b3f7d87b3c3.elf
    /tmp/3e07eb641db5dd8196c79b3f7d87b3c3.elf
    • Reads system routing table
    • Reads system network configuration
    PID:327

Network

MITRE ATT&CK Enterprise v6
