Overview

overview

10

Static

static

10

0490e8427a...c7.elf

ubuntu-18.04-amd64

0490e8427a...c7.elf

debian-9-armhf

0490e8427a...c7.elf

debian-9-mips

0490e8427a...c7.elf

debian-9-mipsel

068428a4ac...26.exe

windows7-x64

1

068428a4ac...26.exe

windows10-2004-x64

1

087421ac22...94.elf

debian-9-mipsel

10

0c4791a6b4...ea.elf

debian-9-armhf

10

0d9bd2ae2e...ea.exe

windows7-x64

10

0d9bd2ae2e...ea.exe

windows10-2004-x64

7

0fa00d4f4f...70.dll

windows7-x64

1

0fa00d4f4f...70.dll

windows10-2004-x64

1

10de02fec8...d1.bat

windows7-x64

1

10de02fec8...d1.bat

windows10-2004-x64

8

1157191701...32.exe

windows7-x64

7

1157191701...32.exe

windows10-2004-x64

10

16e81343ec...a5.exe

windows7-x64

7

16e81343ec...a5.exe

windows10-2004-x64

7

17691f0962...b7.elf

debian-9-mipsel

7

17c24104e8...12.exe

windows7-x64

3

17c24104e8...12.exe

windows10-2004-x64

3

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

CommandPost.exe

windows7-x64

3

CommandPost.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

1816cd993d...28.exe

windows7-x64

7

Resubmissions

22-04-2024 22:02

240422-1xtwbagh68 10

22-04-2024 19:25

240422-x42b7afa68 10

19-04-2024 03:02

240419-djmthsfh8w 10

Analysis

  • max time kernel
    216s
  • max time network
    225s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    19-04-2024 03:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    17691f0962027e7110f727ae997f8af5885dd783674d1db023d467ec478515b7.elf

  • Size

    177KB

  • MD5

    a34eeacb65f86c57bdea56175af169ef

  • SHA1

    6f474269c97412679d64187a3e99eec1707b4200

  • SHA256

    17691f0962027e7110f727ae997f8af5885dd783674d1db023d467ec478515b7

  • SHA512

    7e763bec443a758df9c6f322087a07cf12406a5b46ba6049ddf3fd33c780f1bbe32cd7dd7e7fb19f9a43bd4d168984de1df925c525304099e6f8cd44947da432

  • SSDEEP

    3072:Mwoe3s52Zt9nQiX/GpO1SMRpp6NWJdWQwi:MnSskZDQiX/2ObRWoDWf

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/17691f0962027e7110f727ae997f8af5885dd783674d1db023d467ec478515b7.elf
    /tmp/17691f0962027e7110f727ae997f8af5885dd783674d1db023d467ec478515b7.elf
    1⤵
    • Changes its process name
    PID:810

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads