7cc85b616516770c3b38bb18bb17b79b1ae1469b0228a605da09af9ec680f8ac

Analysis

max time kernel
149s
max time network
149s
platform
debian-9_mips
resource
debian9-mipsbe-20240226-en
resource tags

arch:mipsimage:debian9-mipsbe-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
10/04/2024, 10:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6bb95dcc4055f479be99ce90d742b2d7.elf
Size

169KB
MD5

6bb95dcc4055f479be99ce90d742b2d7
SHA1

65fe368862188f4dbd682b484a4e2cb7f6f23e16
SHA256

7cc85b616516770c3b38bb18bb17b79b1ae1469b0228a605da09af9ec680f8ac
SHA512

468c4e8bb3af7d4fe01da6f891a52f689b5e6f4a80b58262fa79d1d1af9130066f13735d610118e202f2e4b17ea62f5a3456a8c05b78133d08332d39934ec21d
SSDEEP

1536:Cl2JvnXPvLAQuchMJdDNsCK9H1R8cA2iQembSM+xV7TfF+hPyO0Hb/z9t/Y:Cgv/WcwZsCK9VRhAX+bShFSP0Hbb9lY

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	711	6bb95dcc4055f479be99ce90d742b2d7.elf

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/76/cmdline
File opened for reading	/proc/741/cmdline
File opened for reading	/proc/742/cmdline
File opened for reading	/proc/770/cmdline
File opened for reading	/proc/780/cmdline
File opened for reading	/proc/792/cmdline
File opened for reading	/proc/815/cmdline
File opened for reading	/proc/70/cmdline
File opened for reading	/proc/160/cmdline
File opened for reading	/proc/704/cmdline
File opened for reading	/proc/721/cmdline
File opened for reading	/proc/752/cmdline
File opened for reading	/proc/773/cmdline
File opened for reading	/proc/782/cmdline
File opened for reading	/proc/790/cmdline
File opened for reading	/proc/8/cmdline
File opened for reading	/proc/179/cmdline
File opened for reading	/proc/687/cmdline
File opened for reading	/proc/759/cmdline
File opened for reading	/proc/768/cmdline
File opened for reading	/proc/783/cmdline
File opened for reading	/proc/803/cmdline
File opened for reading	/proc/19/cmdline
File opened for reading	/proc/77/cmdline
File opened for reading	/proc/731/cmdline
File opened for reading	/proc/812/cmdline
File opened for reading	/proc/814/cmdline
File opened for reading	/proc/750/cmdline
File opened for reading	/proc/766/cmdline
File opened for reading	/proc/779/cmdline
File opened for reading	/proc/2/cmdline
File opened for reading	/proc/16/cmdline
File opened for reading	/proc/710/cmdline
File opened for reading	/proc/753/cmdline
File opened for reading	/proc/756/cmdline
File opened for reading	/proc/761/cmdline
File opened for reading	/proc/805/cmdline
File opened for reading	/proc/817/cmdline
File opened for reading	/proc/3/cmdline
File opened for reading	/proc/707/cmdline
File opened for reading	/proc/739/cmdline
File opened for reading	/proc/13/cmdline
File opened for reading	/proc/387/cmdline
File opened for reading	/proc/722/cmdline
File opened for reading	/proc/682/cmdline
File opened for reading	/proc/736/cmdline
File opened for reading	/proc/737/cmdline
File opened for reading	/proc/776/cmdline
File opened for reading	/proc/785/cmdline
File opened for reading	/proc/813/cmdline
File opened for reading	/proc/67/cmdline
File opened for reading	/proc/729/cmdline
File opened for reading	/proc/769/cmdline
File opened for reading	/proc/677/cmdline
File opened for reading	/proc/800/cmdline
File opened for reading	/proc/802/cmdline
File opened for reading	/proc/12/cmdline
File opened for reading	/proc/72/cmdline
File opened for reading	/proc/82/cmdline
File opened for reading	/proc/764/cmdline
File opened for reading	/proc/784/cmdline
File opened for reading	/proc/789/cmdline
File opened for reading	/proc/796/cmdline
File opened for reading	/proc/20/cmdline

/tmp/6bb95dcc4055f479be99ce90d742b2d7.elf
/tmp/6bb95dcc4055f479be99ce90d742b2d7.elf
1⤵
- Changes its process name
PID:711

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads