Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhf, image:debian9-armhf-20231215-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    19-12-2023 22:27

General

  • Target

    0a1c9efbe0548ee56c4de43a6430fc40

  • Size

    50KB

  • MD5

    0a1c9efbe0548ee56c4de43a6430fc40

  • SHA1

    ed7c1ba56069189157c89c3585099c72b7403efb

  • SHA256

    37e63a18d880964dbe1a0bf04566d8c3e4c42a629276a1b135458c1208ad33d2

  • SHA512

    db72b5c2c1e10f38dad7e774884ad166b77c1df352e085e490fa5371003e8e053c003545de58d455c257b397ed5bae32a016a28bb2d21025f5620c4832348ce9

  • SSDEEP

    768:RKOrijV1ukSeyDHI7rLP8e8g2nRwnBCNKhREysQJmoI8Y2UYHuGBNrQWTzF0Wvqb:MDBMkSPDg8gAizwQJHJG6z1cEvG9

Score
7/10

Malware Config

Signatures

  • Changes its process name (2 IoCs)
  • Deletes itself (1 IoC)
  • Modifies Watchdog functionality (1 TTP, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Processes

  • /tmp/0a1c9efbe0548ee56c4de43a6430fc40
    /tmp/0a1c9efbe0548ee56c4de43a6430fc40
    • Changes its process name
    • Deletes itself
    • Modifies Watchdog functionality
    PID:664

Network

MITRE ATT&CK Enterprise v15
