Analysis
max time kernel: 149s
max time network: 155s
platform: debian-9_mipsel
resource: debian9-mipsel-20231215-en
resource tags: arch:mipsel, image:debian9-mipsel-20231215-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
submitted: 19-12-2023 22:30
Behavioral task
behavioral1
Sample: 0e2b68055a18ed6664f19de03589982f
Resource: debian9-mipsel-20231215-en (debian-9-mipsel)
2 signatures
150 seconds
General
Target: 0e2b68055a18ed6664f19de03589982f
Size: 111KB
MD5: 0e2b68055a18ed6664f19de03589982f
SHA1: 34a08c41d55b44a7b057d1237367e971dbd9bc4e
SHA256: ab4e603f8ebb0fa70915b62e6247be1686571779b731e74d6038450c0841ef2b
SHA512: 34f4f737323f434e4c58b3360690a365f51189ad4e9ed1fb7ea5ece6eb184e5c10fc93dcc814c362bb6568bef6a3ec92a4b40f7481fdcb73fadfcdcb2e41e1aa
SSDEEP: 1536:cQeT38zlXs4iEsZkIqPzAY2s/r28DPSHYXw+skudmVUm5viuKhxcSymSeQL:LR5sdvsjnPSHYXw9yUIviuKhxcStSeQL
Score: 7/10
Malware Config
Signatures
Changes its process name 1 IoCs
description: Changes the process name, possibly in an attempt to hide itself
pid: 707
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.