Analysis
-
max time kernel
149s -
max time network
149s -
platform
debian-9_mipsel -
resource
debian9-mipsel-20240226-en -
resource tags
-
submitted
29-04-2024 01:01
General
-
Target
31ef6464f4798017e299af3bdb62200f93b38d85c269f8501ca8211fe91f0d5c.elf
-
Size
244KB
-
MD5
0e5051b1f3d41ef27ba72a8b6f8b0029
-
SHA1
d6d0bbab3b2f334d380e5a749bab42dd3b198473
-
SHA256
31ef6464f4798017e299af3bdb62200f93b38d85c269f8501ca8211fe91f0d5c
-
SHA512
a9a2445d2a1fe7e4a88498747c27f671901057912c60c268d7feda21cb9be1b62836be2b5e62e6134b22e2a8d2ec6cc73aa52bab423438b49df88fa7d3846675
-
SSDEEP
6144:XcKDT4tAM7MBUXk5q9GZalny7TTb4m/fa1J8b:toyUm/fa1J8b
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/31ef6464f4798017e299af3bdb62200f93b38d85c269f8501ca8211fe91f0d5c.elf/tmp/31ef6464f4798017e299af3bdb62200f93b38d85c269f8501ca8211fe91f0d5c.elf1⤵
- Reads system routing table
- Reads system network configuration
- Reads runtime system information
- Writes file to tmp directory
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
130B
MD5deb199cfad054016272b5881abcfe0e3
SHA1b5514a9f6e090a324fc39dbcc80efefed384eeb9
SHA256113281672d61a5dd3e7f598a08f3e4ad9900dc3dfe6edbeca7c856886bf9f1b3
SHA5121bd9c587864e5853691bea5e9c4d51cfb57c4e1ff5f5e273c33cc49eaf42d0bec8499858da391cd5bdbdd323fb0d4dba5526c3fea8ef41aa97cea0728c1f46fa