Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240418-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    01-07-2024 10:42

General

  • Target

    94.156.67.161-mips-2024-07-01T102803.elf

  • Size

    103KB

  • MD5

    64803952187ec37edbf62242e27d0823

  • SHA1

    1699ad676224037879f70d310b300879825eea48

  • SHA256

    712824c481c3cd733c85f0e2da653eaa098912abb7c2705835780f1492f51f33

  • SHA512

    813890b7c6830b0a73979438d2f648523200d4884a1e82cc13167873f4b1fba6a07454e63764faf2c38ff492681440a6483804b677caf3d9e814f7f024f59c1b

  • SSDEEP

    1536:pjDM3NJj8kZb3fkGaO5EzBYymCrifXvXbM:pwJj8w+OSBBsfXI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Renames itself 1 IoCs
  • Enumerates active TCP sockets 1 TTPs 1 IoCs

    Gets active TCP sockets from /proc virtual filesystem.

  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/94.156.67.161-mips-2024-07-01T102803.elf
    /tmp/94.156.67.161-mips-2024-07-01T102803.elf
    • Deletes itself
    • Renames itself
    • Enumerates active TCP sockets
    • Changes its process name
    • Reads system network configuration
    PID:739

Network

MITRE ATT&CK Enterprise v15
