2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9

Analysis

max time kernel
149s
max time network
179s
platform
debian-9_mipsel
resource
debian9-mipsel-20240611-en
resource tags

arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
23/07/2024, 01:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
Size

134KB
MD5

08bf85cafa53c689293621d094b260b9
SHA1

e75f98d6dae4b9942604c9fb6168eab6a1fa9f5b
SHA256

2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9
SHA512

f9fb9ae4e7eb8f9c7c6fdd3bd9bb2ee3a79b741bf85f2359826437343ca0536bbdfe5041c7f6931fe512c8f20d5f4354b9f35010d579c110dfdda18b121f3299
SSDEEP

1536:voUciBsrs7KPtFZfyq42kB5t3BgY0KZwCRTfhiAQv5e1vT4HTTTTTTTTTTTTfvcH:vvciBsr/FZJcBgNKADY

Score

3^/10

Malware Config

Signatures

Reads runtime system information 41 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/675/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/679/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/710/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/712/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/734/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/734/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/784/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/683/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/711/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/712/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/747/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/788/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/788/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/691/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/720/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/733/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/747/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/812/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/675/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/720/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/filesystems	mv
File opened for reading	/proc/683/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/706/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/711/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/722/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/733/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/812/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/433/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/433/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/691/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/710/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/716/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/679/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/684/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/684/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/722/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/796/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/706/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/784/maps	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
File opened for reading	/proc/796/exe	2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf

/tmp/2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
/tmp/2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf
1⤵
- Reads runtime system information
PID:714
- /bin/sh
  sh -c "mkdir /e0g1lgzkre/ && >/e0g1lgzkre/e0g1lgzkre && cd /e0g1lgzkre/ >/dev/null"
  2⤵
  PID:717
- - /bin/mkdir
    mkdir /e0g1lgzkre/
    3⤵
    - Reads runtime system information
    PID:719
- /bin/sh
  sh -c "mv /tmp/2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf /e0g1lgzkre/e0g1lgzkre && chmod 777 /e0g1lgzkre/e0g1lgzkre >/dev/null"
  2⤵
  PID:723
- - /bin/mv
    mv /tmp/2bb41e0ad0fe10551df2d1991505680e688a34d6b099fef05ad7d68f2b1f37e9.elf /e0g1lgzkre/e0g1lgzkre
    3⤵
    - Reads runtime system information
    PID:727
- - /bin/chmod
    chmod 777 /e0g1lgzkre/e0g1lgzkre
    3⤵
    PID:730

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads