121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b

General

Target

121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
Size

106KB
MD5

a5ce6a5f5bf1117d4d86a8ba6819012e
SHA1

f368de428121f005a34601341b7b459fe00dae7e
SHA256

121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b
SHA512

4a9b7c730af5308a0523ef56f235c9edd099b2d0cf7a0966ffc4b0bf2d05f896cdcc6111e88c939fb5f623bb206b71b65923f94cefce30cecf8029c1b59b12ae
SSDEEP

3072:O1iOep8X1gMhg4VWkKDjb9sG/H0USyA/r91zk:O1iOep8X1gMhg4VdYt9URz91z

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

Processes:

121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf

description	pid	process
Changes the process name, possibly in an attempt to hide itself	1465	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

Processes:

121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf

description	ioc	process
File opened for reading	/proc/441/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1503/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1554/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1610/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1615/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1638/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/75/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1405/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1519/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1526/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1621/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1628/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1033/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1400/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1483/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1575/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/165/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/396/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/504/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/807/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/954/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1080/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1599/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1514/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1548/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/2/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/72/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/82/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/86/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/102/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1066/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1636/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/949/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/88/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/455/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/895/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1037/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1077/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1585/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1595/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1608/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/10/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/76/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1383/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1475/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1487/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1515/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1291/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1404/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1542/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1632/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/442/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1468/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1489/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1625/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1635/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/16/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/162/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/639/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/87/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1075/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1650/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1569/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
File opened for reading	/proc/1589/cmdline	121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf

/tmp/121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
/tmp/121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:1465

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads