Analysis
-
max time kernel
145s -
max time network
148s -
platform
debian-9_mipsel -
resource
debian9-mipsel-20240611-en -
resource tags
arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem -
submitted
02-07-2024 05:54
Behavioral task
behavioral1
Sample
qkdjdjj22.mpsl.elf
Resource
debian9-mipsel-20240611-en
2 signatures
150 seconds
General
-
Target
qkdjdjj22.mpsl.elf
-
Size
209KB
-
MD5
f1ea984d4128169b4b15b0e204f9ce58
-
SHA1
1dff8b605fe5d64cc19c14d8c9eca11661133523
-
SHA256
a28f65005e99510e6865e8e613d753f5703ffa063ed48507b68db67029f23e54
-
SHA512
b66a6aa02427e4d938bc8b53d118139d831129bf774c3252b40abcc641eaf0a7dee0072c24b0b0d670e07fb90a373dc025aaa8451a8e3a4fef64a9a122f5fe36
-
SSDEEP
3072:T4mSFGv/kuidcX1qRdcB5hfH3TwpCMtmrpy6n9Nn:pn/ZmbRCB5hfXJMtmrpy6n9Nn
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
Processes:
qkdjdjj22.mpsl.elfdescription ioc process File opened for reading /proc/net/route qkdjdjj22.mpsl.elf -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes:
qkdjdjj22.mpsl.elfdescription ioc process File opened for reading /proc/net/route qkdjdjj22.mpsl.elf