144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53

Analysis

max time kernel
150s
max time network
151s
platform
debian-9_mips
resource
debian9-mipsbe-20240611-en
resource tags

arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
18/08/2024, 17:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
Size

177KB
MD5

4b31e0826893db37b01189c24053bef3
SHA1

af0664eb41846ec3786d504b25e4b2f6197ad8e1
SHA256

144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
SHA512

bd3a53dd7b05bdd204d1525883158ac2646e7fff9738f48d37215d26a88d4a1bc1fb8ea7808aa3ddc30ad37e0a288857a4d6ca561ec870eab04c5fc55e057a99
SSDEEP

3072:f6uSXvJnzjP0jSGzpyi579Yxy52tIen9A6qewZQ2haQt:f6uSXvJnvP0+GzYigAEnfqnZJhaa

Score

6^/10

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M "	703	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/5/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/789/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/792/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/694/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/730/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/793/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/73/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/76/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/81/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/723/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/731/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/736/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/741/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/758/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/236/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/515/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/700/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/762/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/771/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/800/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/738/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/739/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/750/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/773/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/783/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/809/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/20/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/698/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/702/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/724/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/786/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/787/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/2/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/13/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/113/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/765/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/798/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/801/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/689/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/704/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/726/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/781/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/4/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/381/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/778/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/141/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/727/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/754/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/755/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/807/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/1/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/21/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/74/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/720/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/794/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/802/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/806/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/22/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/164/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/330/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/767/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/775/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/808/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
File opened for reading	/proc/69/cmdline	144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53

/tmp/144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
/tmp/144ccb06a4fcf0428565ee467e3157e8d5a14537d7d05661bb1542ddb55aad53
1⤵
- Changes its process name
- Reads runtime system information
PID:703

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads