18d175a677aea43ae7aeac4d2533819f314abce6447d9fe90e6e77ea035639f4

Analysis

max time kernel
149s
max time network
153s
platform
debian-9_mips
resource
debian9-mipsbe-20231215-en
resource tags

arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
19/12/2023, 22:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

00176009837046cf869c0933a488bc2b
Size

234KB
MD5

00176009837046cf869c0933a488bc2b
SHA1

2b961628a604632b289d6346d3838b9eb9e9b572
SHA256

18d175a677aea43ae7aeac4d2533819f314abce6447d9fe90e6e77ea035639f4
SHA512

75e24fa0bdc75ff02284683d1925620f669b2fceb1f63ca14aa6028a6267c06a3c528c6e982a6140d78a95f4e799145f623d8f35e9d56e10dc6b91b07c4b7393
SSDEEP

3072:pGrWCHDRpQBRtCeD29Fri1YKjqR/49qHEkuOSX:kTtOBuei98ZqR/49qHEkuOSX

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	709	00176009837046cf869c0933a488bc2b

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	00176009837046cf869c0933a488bc2b

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	00176009837046cf869c0933a488bc2b

/tmp/00176009837046cf869c0933a488bc2b
/tmp/00176009837046cf869c0933a488bc2b
1⤵
- Changes its process name
- Reads system routing table
- Reads system network configuration
PID:709

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads