cf6a1c185ba06df8b6ba2a4ec054973f310624cf6e46efa45749e0d92d22250b

Analysis

max time kernel
142s
max time network
153s
platform
debian-9_mips
resource
debian9-mipsbe-20231215-en
resource tags

arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
19/12/2023, 22:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0abdd24c6b76e897a34c61584ecba430
Size

253KB
MD5

0abdd24c6b76e897a34c61584ecba430
SHA1

d3007c28e61d54fd44822a9473c35c7816c28b17
SHA256

cf6a1c185ba06df8b6ba2a4ec054973f310624cf6e46efa45749e0d92d22250b
SHA512

0d2dc2864127a0997bc9d53adb9529cdadb2fa9c4b31f4a51e81a46220f0dbc810b126eb87a2d25a57c7bbcf8ce1e81b704de813e7c0713dce2c4471a7b85326
SSDEEP

6144:ngCo+zvGEtv6RxIcgvv/m1drLbI85f7kuCrlSP:ztyOvv/m1drLbI85f7kuCrlSP

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	/usr/sbin/dropbear	716	0abdd24c6b76e897a34c61584ecba430

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	0abdd24c6b76e897a34c61584ecba430

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	0abdd24c6b76e897a34c61584ecba430

/tmp/0abdd24c6b76e897a34c61584ecba430
/tmp/0abdd24c6b76e897a34c61584ecba430
1⤵
- Changes its process name
- Reads system routing table
- Reads system network configuration
PID:716

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads