General

  • Target

    mips

  • Size

    78KB

  • Sample

    240225-m8tsssba6z

  • MD5

    1b4b83f0de87d0e9865705bf5dae9443

  • SHA1

    b3561cbde2e244310c1fd447a64382dca120dfac

  • SHA256

    7fcbcb420b7e56468fb7bf1e1f47ada2c0e723a826455b7241c81856dae0d89d

  • SHA512

    e98eebcdd10177a86393398115bc1b901219e5834ddef7dd40f45ebe1b76ad20f537dac9757f0b4e690a6eb48a164e03aa1839cac9fe31c88f718df8975a9d5a

  • SSDEEP

    1536:00jHUXUWpp7C95+pkuAnfngunIfn6CFfn3qx+HX53pSh/VnI8sRX:00UpppC5juAnfn9cQZVnI9

Score
9/10

Targets

    • Target

      mips

    • Contacts a large (132539) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
