e9b0593075f7b5cc120a1eb02d240469e984d1e5f384817f6ba3fad229727420

Analysis

max time kernel
144s
max time network
147s
platform
debian-9_mips
resource
debian9-mipsbe-20231215-en
resource tags

arch:mipsimage:debian9-mipsbe-20231215-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
20/12/2023, 10:26

Target

a2fbe7b88cacf525ebb686cd6f3a40dd
Size

50KB
MD5

a2fbe7b88cacf525ebb686cd6f3a40dd
SHA1

cdb2bc1ceb8daf997ca79a6bc4c892bdfa5b8f14
SHA256

e9b0593075f7b5cc120a1eb02d240469e984d1e5f384817f6ba3fad229727420
SHA512

0322aea5170f8da8bba2c06cdf83036c9ea953f593678e116cffbdb88e37a99b5f00fab9aedd29f1e2e768027b30ee64a9932f6314689c25de45a5f81b7ec9b8
SSDEEP

768:hMROL5dq0a92kTCa92kv9llqCiljT9tZARae2rC2sU3JbsOm/ucVFyxuoNEw0f:Gw82Ut2Y9lTk+cPsUBMuK+NEwa

Score

7^/10

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	vgz8v8vlvl8w6	710	a2fbe7b88cacf525ebb686cd6f3a40dd

Deletes itself 1 IoCs

pid	Process
710	a2fbe7b88cacf525ebb686cd6f3a40dd

Unexpected DNS network traffic destination 3 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/a2fbe7b88cacf525ebb686cd6f3a40dd	a2fbe7b88cacf525ebb686cd6f3a40dd