Analysis

  • max time kernel
    146s
  • max time network
    135s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20231215-en
  • resource tags

    arch:mipsel image:debian9-mipsel-20231215-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mipsel system
  • submitted
    20/12/2023, 10:21

General

  • Target

    a1def588b5ad632bf86f6d0548c204d8

  • Size

    151KB

  • MD5

    a1def588b5ad632bf86f6d0548c204d8

  • SHA1

    a34632093afe1dd42f33689972fb71e9b979b6bc

  • SHA256

    690bd7e553c2adb11e9ec9265c87096e64b9504afbba8a8a2453aa7e00480c3c

  • SHA512

    2e8108008443d1735d1d15318a516bedfce1b0a152dc00467579fe020723df65115fc277e1cd49617087a769f0dc031bee7e7dae0fbfbbbacc7a229a648205fd

  • SSDEEP

    3072:dgZc9h1jlnLA2PiXYeyCcIVNMVGuo9mrThPaLEnvPrNb:dd7lnLA2PiIeyZIVWDo9mrThPaLEnvP5

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/a1def588b5ad632bf86f6d0548c204d8
    /tmp/a1def588b5ad632bf86f6d0548c204d8
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:712

Network

        MITRE ATT&CK Enterprise v15
