Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20231221-en
  • resource tags

    arch:mipsel, image:debian9-mipsel-20231221-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
  • submitted
    21-02-2024 04:07

General

  • Target

    d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b.elf

  • Size

    271KB

  • MD5

    f86ee8fe2ff8cd8357dee139129f2f7b

  • SHA1

    8bc18ec12361021dcd90b79edc3fd7778f6cab1b

  • SHA256

    d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b

  • SHA512

    00991734113b6d0a8c2fb9bc02195b1dbc87da69b23bc76af9971d8270a113e2a8710bc9bd70d59cb9aa60507887d92625418e17f44131118637178b154d569d

  • SSDEEP

    6144:9NVVeGIMzGZAH7Q6aWb1RSv1iKGAMP80bjm:uwH7QBWBkv1iKGAMP80/m

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Creates/modifies Cron job 1 TTPs 1 IoCs

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b.elf
    /tmp/d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b.elf
    • Creates/modifies Cron job
    PID:708

Network

MITRE ATT&CK Enterprise v15
