Analysis

  • max time kernel
    36s
  • max time network
    55s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240226-en
  • resource tags

    arch:mips, image:debian9-mipsbe-20240226-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted
    29/02/2024, 05:30

General

  • Target

    6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7.elf

  • Size

    123KB

  • MD5

    bae0c9d003927c8a3d45bc9c037375f7

  • SHA1

    8eeb9e9c7adbab720d41a9f9be11b36a60a6e43d

  • SHA256

    6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7

  • SHA512

    386bafce421a1e1d5881a0d4c2dbdfa0f58c5b46b85130862f976f076e04e9f3f2488be19c1415b9ef71ded6bd6aeed980677c5776a8035594ba7e5333e14ad4

  • SSDEEP

    3072:0rG6r/Jvx96mBPYEHL7Tg1UjBEEGUBGxIr7M+jQ199n:qGw/Fx9ZBPtL756Gkf99n

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality (1 TTPs, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information (31 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7.elf
    • Reads system routing table
    • Reads system network configuration
    PID:701

Network

MITRE ATT&CK Enterprise v15

Downloads