Analysis
-
max time kernel
146s -
max time network
149s -
platform
debian-9_mips -
resource
debian9-mipsbe-20231215-en -
resource tags
arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem -
submitted
19-12-2023 23:24
Behavioral task
behavioral1
Sample
60fe13ebdc8544b4a9226130b3a2d33d
Resource
debian9-mipsbe-20231215-en
debian-9-mips
3 signatures
150 seconds
General
-
Target
60fe13ebdc8544b4a9226130b3a2d33d
-
Size
234KB
-
MD5
60fe13ebdc8544b4a9226130b3a2d33d
-
SHA1
5521615baaab5f69246f5370061925293c061cff
-
SHA256
9778d7e24977a8bb92264f3c96c222e56f7348c81c1cbc8bf8716c5ea0ac8560
-
SHA512
9be4dc9ee9ab7d2181a6ffd503a6d25966f96491cef79144c50e25024875aafed9062543014fddcbe8fb09be4213a55f99a6e2a85f719da3801418222b4b7c96
-
SSDEEP
3072:RmLCHKbiwBxtCe429FriVCKDqR/49qHEkuOSX:MuMVBOe79orqR/49qHEkuOSX
Score
7/10
Malware Config
Signatures
-
Changes its process name 1 IoCs
description pid Process Changes the process name, possibly in an attempt to hide itself 701 60fe13ebdc8544b4a9226130b3a2d33d -
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
description ioc Process File opened for reading /proc/net/route 60fe13ebdc8544b4a9226130b3a2d33d -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description ioc Process File opened for reading /proc/net/route 60fe13ebdc8544b4a9226130b3a2d33d