Analysis

  • max time kernel
    149s
  • max time network
    4s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    27-03-2024 11:26

General

  • Target

    653-1-0x00008000-0x00026464-memory.dmp

  • Size

    76KB

  • MD5

    d7176b8ef72b772d782cbb5debdf6235

  • SHA1

    0163852b5bad9dceb331758c703c90b338bab706

  • SHA256

    190b8bb9452a8e70c1110cb4a6bef092ec424f7aed027d7a401a36e343133ed0

  • SHA512

    db7210122ed7e589b8fbad818a32cdeba8cf1c02bf2d3a17dc7e9da02a62799518811ad934af485429fde321d0fcca7d448b2742659e023aa1853f1210a33979

  • SSDEEP

    1536:TJnF9sFw8gu6+wyKaw1KpIPrbvr/6Ra1styKtI8ll5BihwlTQP+8of:RowpuQyNSG2eRa1styK9flTQPHo

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system.

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 31 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/653-1-0x00008000-0x00026464-memory.dmp
    /tmp/653-1-0x00008000-0x00026464-memory.dmp
      PID:657

    Network

    MITRE ATT&CK Enterprise v15
