Analysis
max time kernel: 0s
max time network: 123s
platform: debian-9_mips
resource: debian9-mipsbe-20221111-en
resource tags: arch:mips, image:debian9-mipsbe-20221111-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
submitted: 19-03-2023 11:50

Behavioral task: behavioral1
Sample: 3ec972eeecdeb196652d34ae52af510e.elf
Resource: debian9-mipsbe-20221111-en

General
Target: 3ec972eeecdeb196652d34ae52af510e.elf
Size: 151KB
MD5: 3ec972eeecdeb196652d34ae52af510e
SHA1: 45301b64d23fd1c500492c7e8d7316f5e1bf076c
SHA256: 8fdf3c5043ef7f6529e236baf80ade0d919506d57140c9329b81f9e6735cf0f1
SHA512: 3108b60bdf7208ef31fc4e07e9923a1506d3019efd502263c248139aab561385059dd9771989fa0ec3b86dce511d0995230e605cad90e3947d3da65870d4e9b6
SSDEEP: 3072:JW6dm9tS1aRGQdK76t/zCzI5mrThPaLEnvPrNb:c6IG+LCUmrThPaLEnvPrNb

Malware Config
Signatures

Modifies the Watchdog daemon 1 TTPs
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes: 3ec972eeecdeb196652d34ae52af510e.elf

| description | ioc | process |
| --- | --- | --- |
| /proc/net/route | /proc/net/route | 3ec972eeecdeb196652d34ae52af510e.elf |

Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes: 3ec972eeecdeb196652d34ae52af510e.elf

| description | ioc | process |
| --- | --- | --- |
| /proc/net/route | /proc/net/route | 3ec972eeecdeb196652d34ae52af510e.elf |