645f574c070d43d6ff4ae8891c70476c2c9d2f3dfdaa5f42a4941143b8fee54b | Triage

Submit
Reports

Overview

overview

9

Static

static

7

59ab1e91c8...de9780

debian-9-mips

9

Sharing

General

Target

59ab1e91c8c8a43c1c980b4df7de9780
Size

37KB
Sample

231219-3awgqsdcgn
MD5

59ab1e91c8c8a43c1c980b4df7de9780
SHA1

bdc95662cb50d654872e91319d54688a163902c8
SHA256

645f574c070d43d6ff4ae8891c70476c2c9d2f3dfdaa5f42a4941143b8fee54b
SHA512

cfdf4833e1163a3085ee9c42ee495d696ef3554382529310221cf10a6dbf88441452004289d7ef7691170d38ae66b4713a2764477053fd1a94aecff00e97f318
SSDEEP

768:y8rSgy+PQPH7k10BgBhWPkfVbpVhOaN0eKb528q1HDRAJgGlzDpOFw8R:y8ugI/774DfhwaibORAVUWm

Score

9^/10

discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

59ab1e91c8c8a43c1c980b4df7de9780

Resource

debian9-mipsbe-20231215-en

debian-9-mips

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  59ab1e91c8c8a43c1c980b4df7de9780
- Size
  
  37KB
- MD5
  
  59ab1e91c8c8a43c1c980b4df7de9780
- SHA1
  
  bdc95662cb50d654872e91319d54688a163902c8
- SHA256
  
  645f574c070d43d6ff4ae8891c70476c2c9d2f3dfdaa5f42a4941143b8fee54b
- SHA512
  
  cfdf4833e1163a3085ee9c42ee495d696ef3554382529310221cf10a6dbf88441452004289d7ef7691170d38ae66b4713a2764477053fd1a94aecff00e97f318
- SSDEEP
  
  768:y8rSgy+PQPH7k10BgBhWPkfVbpVhOaN0eKb528q1HDRAJgGlzDpOFw8R:y8ugI/774DfhwaibORAVUWm
Score

9^/10

discovery
- Contacts a large (20944) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy