c222e438069dbd20023af5bbb5d292ef54b227f085b858e6a22f1e111cc0d750

Analysis

max time kernel
151s
max time network
154s
platform
debian-9_armhf
resource
debian9-armhf-20231215-en
resource tags

arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
19/12/2023, 23:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

53f6245ad8488848359b91b441e4d7d0
Size

46KB
MD5

53f6245ad8488848359b91b441e4d7d0
SHA1

a0decb1e80b5f75b616ea8d3c140460135749e07
SHA256

c222e438069dbd20023af5bbb5d292ef54b227f085b858e6a22f1e111cc0d750
SHA512

f8e5fd25ce37b10eccad98766bbe3b2ad2cf73e948877ea7873026d6d0d4a2dc6e30687c5397879a4d12356bcccd96f59111ca64d4b94fddcb8431cdad6788a3
SSDEEP

768:9OKlsnOKQeYG95QGhtTv3vEBsRf4OnnHMoQcBcS4k96xQDVPDrniOJBNO3HQX6B6:EqsnoG95dhVfimf4OnH3Bc7QDd3Vnl

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (24148) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	telnetd	649	53f6245ad8488848359b91b441e4d7d0

Modifies Watchdog functionality 1 TTPs 2 IoCs

Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Impair Defenses

T1562

description	ioc
File opened for modification	/dev/watchdog
File opened for modification	/dev/misc/watchdog

/tmp/53f6245ad8488848359b91b441e4d7d0
/tmp/53f6245ad8488848359b91b441e4d7d0
1⤵
- Changes its process name
PID:649

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

T1562

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads