Analysis
max time kernel: 0s
platform: debian-9_mipsel
resource: debian9-mipsel-20221111-en
resource tags: arch:mipsel, image:debian9-mipsel-20221111-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
submitted: 09/07/2023, 17:16
Static task: static1
Behavioral task: behavioral1
Sample: mipsel-20230709-1715.elf
Resource: debian9-mipsel-20221111-en
3 signatures
150 seconds
Errors
Reason: Reading agent response: read tcp 10.127.0.1:60966->10.127.0.137:8000: read: connection timed out
General
Target: mipsel-20230709-1715.elf
Size: 119KB
MD5: 9ee98d28e34951c3981bc3337102b8be
SHA1: fa5eca18bb2f2b21c2d8622fbd5c4592eea6df5a
SHA256: efa18a1f2e4958cb72beb9b02662dc674467af4dbf74eef433922150aaecfbbc
SHA512: 371c50668b572b92ba3121049bd861cdc04a65bfe042227666072bcd39c11de01f0ffdf1203ff004c1574ab54b4b9a1c8043847d0a5b0c788b4a936bdc986594
SSDEEP: 3072:evhg2bAxoWMuFFt3/PAYbBKCSwB5O1i4I94:Ah/bAxPFt3dYCSwB5O1PI94
Score: 7/10
Malware Config
Signatures

Deletes itself (1 IoCs)
pid    Process
336    mipsel-20230709-1715.elf

Modifies Watchdog functionality (1 TTPs, 2 IoCs)
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
description                     ioc
File opened for modification    /dev/watchdog
File opened for modification    /dev/misc/watchdog

Writes file to system bin folder (1 TTPs, 1 IoCs)
description                     ioc
File opened for modification    /bin/watchdog