Analysis

  • max time kernel
    77s
  • max time network
    81s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20231026-en
  • resource tags

    arch:mipsel
    image:debian9-mipsel-20231026-en
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mipsel
    system
  • submitted
    12/11/2023, 18:13

General

  • Target

    NEAS.5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c.elf

  • Size

    42KB

  • MD5

    512ac489018682f7f53630ccce948f49

  • SHA1

    a9bdb75d84d069777c368f62fbcff801c2d4fe36

  • SHA256

    5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c

  • SHA512

    e83367955196eae69bb712360268d905513a3acac66ed63d18b9a70cd3294d109d2fa7334401fd9d118aa99e42f525b1ba4c2548b68d1b9eeabb9032e93c3687

  • SSDEEP

    768:AlRou1vPOMrv/Ffi3C6wkGgqhPSIRc+LBWRtHKFCg5kaqvnteu9M:A739ViLwkYPHcdvg5VqfU

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/NEAS.5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c.elf
    /tmp/NEAS.5be8ba28bf0cc47f921ac70574862055c3c9208c67f3f4ba141c6e0386012f1c.elf
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    • Reads runtime system information
    PID:700

Network

        MITRE ATT&CK Enterprise v15
