8c65aa2ad5e46c0dd63ebbb6cd04a3dac2651a1bfa0f16ee80d444b4db789dc9

Analysis

max time kernel
147s
max time network
125s
platform
debian-9_mips
resource
debian9-mipsbe-20221125-en
resource tags

arch:mipsimage:debian9-mipsbe-20221125-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
09/07/2023, 16:59

Target

b9a0f18e6d74e2afbd7db66c2.elf
Size

150KB
MD5

b9a0f18e6d74e2afbd7db66c251ed535
SHA1

2da5c14a53520be310057e6f0cde13464e389f4a
SHA256

8c65aa2ad5e46c0dd63ebbb6cd04a3dac2651a1bfa0f16ee80d444b4db789dc9
SHA512

cdfd6222caf976d46c6b17279a2afb9298cbcfaee486a281e42ba09dcacace5981220d76482d26f3272abe3f71bd12e9a586e5c0fa7caedf6c01c27e93c0e476
SSDEEP

3072:AvtLZpuGPyaT/x5hKWEfSaWURxuZq+1uPNd5R:cQORx5hKWLURxuZq+1uPNd5R

Score

7^/10

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	337	b9a0f18e6d74e2afbd7db66c2.elf

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Dynamic Resolution

description	ioc
File opened for modification	/etc/resolv.conf

/tmp/b9a0f18e6d74e2afbd7db66c2.elf
/tmp/b9a0f18e6d74e2afbd7db66c2.elf
1⤵
- Changes its process name
PID:337

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact