89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0

Analysis

max time kernel
149s
max time network
148s
platform
debian-9_mips
resource
debian9-mipsbe-20240226-en
resource tags

arch:mipsimage:debian9-mipsbe-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
25/04/2024, 01:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
Size

177KB
MD5

f63eb157992f99092b43816c3c077e4b
SHA1

95eaf91ee9505e43c0b1f9d21ead7c38ef786d84
SHA256

89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0
SHA512

6ff7299548e9074c0ac6b350cb4f0a473af28752e30b1c38e94890b408bc9aebf1a18b6ff76b7a2d184401e562bb28ce8797cab7c15161308b98eb8c84153939
SSDEEP

3072:f6uSXvJnzjP0jCNzpyi579Yxy52tIen9A6qewZQIhaMh:f6uSXvJnvP0ONzYigAEnfqnZzhaa

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	704	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/731/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/747/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/775/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/785/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/791/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/682/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/719/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/708/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/717/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/734/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/735/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/749/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/774/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/22/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/703/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/801/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/808/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/729/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/375/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/722/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/119/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/348/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/374/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/728/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/5/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/82/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/789/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/19/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/76/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/668/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/696/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/741/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/782/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/784/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/796/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/11/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/120/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/803/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/702/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/721/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/772/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/77/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/169/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/758/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/768/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/6/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/732/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/649/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/753/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/773/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/9/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/75/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/757/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/799/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/809/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/810/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/18/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/714/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/740/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/750/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/727/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/737/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/152/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
File opened for reading	/proc/707/cmdline	89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf

/tmp/89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
/tmp/89ad0ea6bc60873a4926c07a7bf53ca21d52dcff7eba4b8e9f58e108f13d43f0.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:704

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads