Analysis
max time kernel: 137s
max time network: 148s
platform: debian-9_mips
resource: debian9-mipsbe-20231221-en
resource tags: arch:mips, image:debian9-mipsbe-20231221-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
submitted: 12/02/2024, 04:49
Behavioral task
behavioral1
Sample
b10778308a29518c19a62320fe3bc9b0f6a18ea67398ebb7cbef47ba927edfb2.elf
Resource
debian9-mipsbe-20231221-en
3 signatures
150 seconds
General
Target: b10778308a29518c19a62320fe3bc9b0f6a18ea67398ebb7cbef47ba927edfb2.elf
Size: 177KB
MD5: a4ff8af36ca49ed1a687480ad8d04824
SHA1: d84eafc1b437374265739519765c2876fa5ecf00
SHA256: b10778308a29518c19a62320fe3bc9b0f6a18ea67398ebb7cbef47ba927edfb2
SHA512: a45df9a9d2cee010c3cb43b79709471dac333de71a421e81f25f731200da23c8a8326fdfe42d9a37bf24613e403974f130e8eba9f9375ed24505322d5f11fe44
SSDEEP: 3072:f6uSXvJnzjP0jCdzpyi579Yxy52tIen9A6qewZQPhaMh:f6uSXvJnvP0OdzYigAEnfqnZIhaa
Score: 7/10
Malware Config
Signatures
Changes its process name 1 IoCs
Changes the process name, possibly in an attempt to hide itself
ioc: a- M"!
pid: 710
Process: b10778308a29518c19a62320fe3bc9b0f6a18ea67398ebb7cbef47ba927edfb2.elf
Enumerates running processes
Discovers information about currently running processes on the system
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.