Overview

overview

10

Static

static

10

9d9666b61a...003f59

debian-9-mips

7

Analysis

  • max time kernel
    148s
  • max time network
    137s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20231215-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    20/12/2023, 09:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9d9666b61aff1d7c40ce90cfd7003f59

  • Size

    151KB

  • MD5

    9d9666b61aff1d7c40ce90cfd7003f59

  • SHA1

    3e333698137f38d6737352f66c9aafe9eb820e5e

  • SHA256

    14c14d666400b44a5adbab904ac05a0dd59f072b4557c4ab7065f614c4c6e004

  • SHA512

    40dd8915def7a21074c5f980f5a9a4298d91f7c8461c80944ede20392d42ea45c8faa88c4d1e72bacd6edff6ab306c802d8ea40884abf14da57120d5247e902a

  • SSDEEP

    3072:JW6dm9tS1aRGQdK76t/zCiI5mrThPaLEnvPrNb:c6IG+LCjmrThPaLEnvPrNb

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/9d9666b61aff1d7c40ce90cfd7003f59
    /tmp/9d9666b61aff1d7c40ce90cfd7003f59
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:705

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads