56e20e1156cda633f1d623b4c6ff3cb709c92cc2c0e0a81a3ec0b97643658cd6 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

d5601202df...12179a

debian-12-mipsel

7

Resubmissions

16-04-2024 09:41

240416-lnrx2agd6t 7

16-04-2024 09:34

240416-lj2axagc7s 7

Sharing

General

Target

d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a.rar
Size

82KB
Sample

240416-lnrx2agd6t
MD5

5aa397f1f1413aadcf22aa5d23c4f32f
SHA1

d199c2c7e4c1e0d0930361ef6afb9c221b873573
SHA256

56e20e1156cda633f1d623b4c6ff3cb709c92cc2c0e0a81a3ec0b97643658cd6
SHA512

23a7b97cda4e33dd49f068a4e76e5e24cc64a433e4242858694102102a444a276c468271017ddbcb57a1913cd7d0cec1af655dfefe1fb7fadc36a5c83517e41b
SSDEEP

1536:H+rk9CITlSHUedZifzmpXeZBIit3Bx+WWAbcAisSx5d6fGEmx0m94us6:vLTQ3s6pXeZz3Bx+fZN6uas4C

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a

Resource

debian12-mipsel-20240221-en

debian-12-mipsel

9 signatures

300 seconds

Malware Config

Targets

- Target
  
  d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a
- Size
  
  83KB
- MD5
  
  b8ed2cb3e9fedec5b164ce84ad5a08d0
- SHA1
  
  b45ef9ad0a29b0a402d1613b10c3f6e95686230c
- SHA256
  
  d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a
- SHA512
  
  98aa6abf6bc6b27ea2833122c468e436c267ef40c5ecbbd6446174d0859920e7b7bbcec617e12d7aa9e89e0492e5dcf4cf49a6208e7252fd0619047818454a31
- SSDEEP
  
  1536:m3LqE6rUQWzVQR7iAGEcUT5PIi7pLqBNs4LOjcwf4nB6XuzGNy+iSc7tNUZM:mOE6PWo1T5bz4LVMXuzVNScWM
Score

7^/10
- Changes its process name
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy