c8459157382194625d3cde08a425767b29ae9b22d8e3447346fbe7fc3bf9357a

Analysis

max time kernel
150s
max time network
148s
platform
debian-12_mipsel
resource
debian12-mipsel-20240221-en
resource tags

arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
23/02/2024, 05:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8459157382194625d3cde08a425767b29ae9b22d8e3447346fbe7fc3bf9357a.elf
Size

177KB
MD5

774250531bc6931554dec817f1eab6ff
SHA1

44a0805094d49ee4ca60cf0bb7c50a78caa5dc24
SHA256

c8459157382194625d3cde08a425767b29ae9b22d8e3447346fbe7fc3bf9357a
SHA512

5ed73d519f2db2322bd418d6ffbc4c2c8f28087cfe09c78313fee64c93a1487c547be5dc60c559e9c59f11bf31b55bbedc334533f9bd605c1d696eb93443e091
SSDEEP

3072:Mwoe3s5cZt9nQiX/GpO1SMRpp6NWJdWQRi:MnSsqZDQiX/2ObRWoDWa

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	723	c8459157382194625d3cde08a425767b29ae9b22d8e3447346fbe7fc3bf9357a.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/19/cmdline
File opened for reading	/proc/30/cmdline
File opened for reading	/proc/744/cmdline
File opened for reading	/proc/747/cmdline
File opened for reading	/proc/751/cmdline
File opened for reading	/proc/758/cmdline
File opened for reading	/proc/764/cmdline
File opened for reading	/proc/17/cmdline
File opened for reading	/proc/25/cmdline
File opened for reading	/proc/28/cmdline
File opened for reading	/proc/695/cmdline
File opened for reading	/proc/728/cmdline
File opened for reading	/proc/742/cmdline
File opened for reading	/proc/773/cmdline
File opened for reading	/proc/21/cmdline
File opened for reading	/proc/137/cmdline
File opened for reading	/proc/717/cmdline
File opened for reading	/proc/737/cmdline
File opened for reading	/proc/739/cmdline
File opened for reading	/proc/768/cmdline
File opened for reading	/proc/10/cmdline
File opened for reading	/proc/380/cmdline
File opened for reading	/proc/679/cmdline
File opened for reading	/proc/719/cmdline
File opened for reading	/proc/772/cmdline
File opened for reading	/proc/778/cmdline
File opened for reading	/proc/771/cmdline
File opened for reading	/proc/5/cmdline
File opened for reading	/proc/403/cmdline
File opened for reading	/proc/721/cmdline
File opened for reading	/proc/730/cmdline
File opened for reading	/proc/11/cmdline
File opened for reading	/proc/31/cmdline
File opened for reading	/proc/58/cmdline
File opened for reading	/proc/111/cmdline
File opened for reading	/proc/777/cmdline
File opened for reading	/proc/783/cmdline
File opened for reading	/proc/37/cmdline
File opened for reading	/proc/713/cmdline
File opened for reading	/proc/752/cmdline
File opened for reading	/proc/769/cmdline
File opened for reading	/proc/784/cmdline
File opened for reading	/proc/18/cmdline
File opened for reading	/proc/746/cmdline
File opened for reading	/proc/748/cmdline
File opened for reading	/proc/753/cmdline
File opened for reading	/proc/366/cmdline
File opened for reading	/proc/715/cmdline
File opened for reading	/proc/14/cmdline
File opened for reading	/proc/738/cmdline
File opened for reading	/proc/762/cmdline
File opened for reading	/proc/9/cmdline
File opened for reading	/proc/741/cmdline
File opened for reading	/proc/3/cmdline
File opened for reading	/proc/47/cmdline
File opened for reading	/proc/388/cmdline
File opened for reading	/proc/726/cmdline
File opened for reading	/proc/26/cmdline
File opened for reading	/proc/300/cmdline
File opened for reading	/proc/405/cmdline
File opened for reading	/proc/732/cmdline
File opened for reading	/proc/733/cmdline
File opened for reading	/proc/667/cmdline
File opened for reading	/proc/33/cmdline

/tmp/c8459157382194625d3cde08a425767b29ae9b22d8e3447346fbe7fc3bf9357a.elf
/tmp/c8459157382194625d3cde08a425767b29ae9b22d8e3447346fbe7fc3bf9357a.elf
1⤵
- Changes its process name
PID:723

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads