Analysis
-
max time kernel
150s -
max time network
151s -
platform
debian-9_mipsel -
resource
debian9-mipsel-20231221-en -
resource tags
arch:mipselimage:debian9-mipsel-20231221-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem -
submitted
21-02-2024 04:07
Behavioral task
behavioral1
Sample
d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b.elf
Resource
debian9-mipsel-20231221-en
General
-
Target
d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b.elf
-
Size
271KB
-
MD5
f86ee8fe2ff8cd8357dee139129f2f7b
-
SHA1
8bc18ec12361021dcd90b79edc3fd7778f6cab1b
-
SHA256
d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b
-
SHA512
00991734113b6d0a8c2fb9bc02195b1dbc87da69b23bc76af9971d8270a113e2a8710bc9bd70d59cb9aa60507887d92625418e17f44131118637178b154d569d
-
SSDEEP
6144:9NVVeGIMzGZAH7Q6aWb1RSv1iKGAMP80bjm:uwH7QBWBkv1iKGAMP80/m
Malware Config
Signatures
-
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
description ioc File opened for modification /dev/misc/watchdog File opened for modification /dev/watchdog -
Creates/modifies Cron job 1 TTPs 1 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
description ioc Process File opened for modification /etc/crontab d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b.elf -
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
description ioc File opened for reading /proc/711/exe