9126afaef3894fdb9bcf715dd2e8962706389aeba2deb03356936dca7b5dfd93 | Triage

Submit
Reports

Overview

overview

9

Static

static

8

138bfa5fa6...8758fa

debian-9-mips

9

Sharing

Copy URL Twitter E-mail

General

Target

138bfa5fa6f6e60b94da030a4e8758fa
Size

285KB
Sample

231230-khqmcabegr
MD5

138bfa5fa6f6e60b94da030a4e8758fa
SHA1

96777b975904fd73358e8c5f8720e5880741afae
SHA256

9126afaef3894fdb9bcf715dd2e8962706389aeba2deb03356936dca7b5dfd93
SHA512

f0ad5f92f0381b0809f2fb7cde7a804949a66687c4af7ea6f4429094f1ee92d67357ebc436c0a91d872811c730e8dd40b256d9dbf660da584bd220d8c2f8bb85
SSDEEP

6144:7O/QJHZweEL/NOjCHm7FZZncaoNsKqqfPqOJ:78QpZsKCaiaHKqoPqOJ

Score

9^/10

discovery upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

138bfa5fa6f6e60b94da030a4e8758fa

Resource

debian9-mipsbe-20231215-en

debian-9-mips

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  138bfa5fa6f6e60b94da030a4e8758fa
- Size
  
  285KB
- MD5
  
  138bfa5fa6f6e60b94da030a4e8758fa
- SHA1
  
  96777b975904fd73358e8c5f8720e5880741afae
- SHA256
  
  9126afaef3894fdb9bcf715dd2e8962706389aeba2deb03356936dca7b5dfd93
- SHA512
  
  f0ad5f92f0381b0809f2fb7cde7a804949a66687c4af7ea6f4429094f1ee92d67357ebc436c0a91d872811c730e8dd40b256d9dbf660da584bd220d8c2f8bb85
- SSDEEP
  
  6144:7O/QJHZweEL/NOjCHm7FZZncaoNsKqqfPqOJ:78QpZsKCaiaHKqoPqOJ
Score

9^/10

discovery
- Contacts a large (2199) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy