Overview

overview

10

Static

static

10

341f6bda48...d5.elf

debian-9-mipsel

9

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240611-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    07/08/2024, 01:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    341f6bda4850a23690e0098f6288e35437144059d7a4baf56fe95f5e2fab21d5.elf

  • Size

    112KB

  • MD5

    de12666df7040e2c70ae0f7141cf38f5

  • SHA1

    5ee9ed74e7a009e70fc3f46216f73eb5642a58e6

  • SHA256

    341f6bda4850a23690e0098f6288e35437144059d7a4baf56fe95f5e2fab21d5

  • SHA512

    c1fcd890690d74657e1ff45de77416ff8938f14ba6246615bc6910db351deca37c6d67c79cf3b1812d7e9cec9f783b628d4e6932e18d56fd0c64a1138b38d117

  • SSDEEP

    3072:Rpn1nyJ4P37E0Nm2iCXk/S3ehoCqwomqBemEz:Tn1nIO7E0NYxS3KoLmqBemEz

Score
9/10
discovery

Malware Config

Signatures

  • Contacts a large (54515) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 1 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/341f6bda4850a23690e0098f6288e35437144059d7a4baf56fe95f5e2fab21d5.elf
    /tmp/341f6bda4850a23690e0098f6288e35437144059d7a4baf56fe95f5e2fab21d5.elf
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    PID:708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads