Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    debian-12_mipsel
  • resource
    debian12-mipsel-20240221-en
  • resource tags

    arch:mipsel, image:debian12-mipsel-20240221-en, kernel:6.1.0-17-4kc-malta, locale:en-us, os:debian-12-mipsel, system
  • submitted
    18/04/2024, 07:07

General

  • Target

    036ed5c6f97127e48b6a31781c28ec3e64ec75b2bdc36cb18bb08efb2fef344f.elf

  • Size

    203KB

  • MD5

    78387215b89f73a31e3dd4b9281077b3

  • SHA1

    376f0d18f67b81e7ad9f372892e401a11af1c842

  • SHA256

    036ed5c6f97127e48b6a31781c28ec3e64ec75b2bdc36cb18bb08efb2fef344f

  • SHA512

    2992cc78999a9f08f929a1891b1d1b13fa2b9cb16da2613e191122d1fa655205b0a8e4ad1ebedac2a0e5aac81e4fc0145fc981d35a660aa56e8ca17ab5516ab1

  • SSDEEP

    1536:pawBEP/vGUQBiFUCW70cx7dCgSPF8fy3T3TnVIF3raKalJOwUfXZzZRgEYfenzHB:prlOUfnx7BS6ClwwUziuZZHmSHDyDde

Score
7/10

Malware Config

Signatures

  • Changes its process name (1 IoC)
  • Unexpected DNS network traffic destination (39 IoCs)

    Network traffic to servers other than the configured DNS servers was detected on the DNS port.

  • Enumerates active TCP sockets (1 TTP, 1 IoC)

    Gets active TCP sockets from the /proc virtual filesystem.

  • Reads system network configuration (1 TTP, 1 IoC)

    Uses contents of the /proc filesystem to enumerate network settings.

Processes

  • /tmp/036ed5c6f97127e48b6a31781c28ec3e64ec75b2bdc36cb18bb08efb2fef344f.elf
    • Changes its process name
    PID: 725

Network
