69347c65234171f95483ff2d171084c0d8f703e71548a29d4839d2b84ea80a6e

General

Target

61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
Size

153KB
MD5

a542b07e5a587db4a8d3a4d843ecfac1
SHA1

bf6a26fe29871bcbb5d7aad58591797035c182b5
SHA256

61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2
SHA512

a723fa0b0f4bc26e20691be76996856cd7540f1d8ebd5826f5cdc1da6115e83db59ef384df5c4749e083d70fa5e745f53d8c89f83de36ae93ca1a64579f95337
SSDEEP

3072:30MUdi18VNT8aSmiuM1Z9665rhWycqsci/mCGM/9HODF9z+:30MUQ1ad8aSmiuM1/6MWxRci/mrM/9qK

Score

7^/10

Malware Config

Signatures

Deletes itself 1 IoCs

Processes:

pid

709

pid
709

Changes its process name 1 IoCs

Processes:

61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf

description	ioc	pid	process
Changes the process name, possibly in an attempt to hide itself	httpd	707	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

Processes:

61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf

description	ioc	process
File opened for reading	/proc/555s�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/222/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/22/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333s�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/1111�1/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/1111�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666E;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666�7/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/88/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/111u/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/1111�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/111/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/222c�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/555/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/1111�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/3333A5/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777</cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666�8/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/33/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/2222�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/33335/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/1111�1/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/222c�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/555/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666 ;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/111c�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666�8/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/2222m4/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/3333�4/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/3333%5/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/6666E;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/111u}/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333s�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/111/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/7777�;/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/444d�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/222l�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/333�/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/444/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/3333�4/cmdline	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/222/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/555s�/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
File opened for reading	/proc/3333�4/stat	61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf

/tmp/61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
/tmp/61d81c2f32da1ac3033e9132b61926b8342310c6ba2e899773a8d6f078d229f2.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:707

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads