Analysis

  • max time kernel
    0s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20221111-en
  • resource tags

    arch:mipsel, image:debian9-mipsel-20221111-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
  • submitted
    09/07/2023, 17:16

Errors

Reason
Reading agent response: read tcp 10.127.0.1:60966->10.127.0.137:8000: read: connection timed out

General

  • Target

    mipsel-20230709-1715.elf

  • Size

    119KB

  • MD5

    9ee98d28e34951c3981bc3337102b8be

  • SHA1

    fa5eca18bb2f2b21c2d8622fbd5c4592eea6df5a

  • SHA256

    efa18a1f2e4958cb72beb9b02662dc674467af4dbf74eef433922150aaecfbbc

  • SHA512

    371c50668b572b92ba3121049bd861cdc04a65bfe042227666072bcd39c11de01f0ffdf1203ff004c1574ab54b4b9a1c8043847d0a5b0c788b4a936bdc986594

  • SSDEEP

    3072:evhg2bAxoWMuFFt3/PAYbBKCSwB5O1i4I94:Ah/bAxPFt3dYCSwB5O1PI94

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 1 IoCs

Processes

  • /tmp/mipsel-20230709-1715.elf
    • Deletes itself
    PID:336

Network

MITRE ATT&CK Enterprise v6
