Overview

overview

1

Static

static

1

4d8b16a5eb...nknown

ubuntu-18.04-amd64

1

4d8b16a5eb...nknown

debian-9-armhf

1

4d8b16a5eb...nknown

debian-9-mips

1

4d8b16a5eb...nknown

debian-9-mipsel

1

Analysis

  • max time kernel
    3s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240418-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    03/09/2024, 01:38

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4d8b16a5ebf6480dad5750aef70f498587df435925082a45f3129f4de1d1e81a.unknown

  • Size

    856B

  • MD5

    1c17550a77ba0fb332c35b7498f70550

  • SHA1

    8f68d939f559df34d76e0ae334a8ffea946bb7d0

  • SHA256

    4d8b16a5ebf6480dad5750aef70f498587df435925082a45f3129f4de1d1e81a

  • SHA512

    0cbeaaf685fee1943a11f6ab4d661793cf067fdc3f0f83b4e10ed06bb60880f913a10189d698fa072be3542e9dd90a70b529e4f612105c00034e0157b7cc9242

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/4d8b16a5ebf6480dad5750aef70f498587df435925082a45f3129f4de1d1e81a.unknown
    /tmp/4d8b16a5ebf6480dad5750aef70f498587df435925082a45f3129f4de1d1e81a.unknown
    1⤵
      PID:727
      • /bin/busybox
        /bin/busybox chmod +x arc
        2⤵
          PID:731
        • /tmp/arc
          ./arc selfrep
          2⤵
            PID:733
          • /bin/busybox
            /bin/busybox rm -rf arc
            2⤵
              PID:735
            • /bin/busybox
              /bin/busybox chmod +x arm
              2⤵
                PID:739
              • /tmp/arm
                ./arm selfrep
                2⤵
                  PID:743
                • /bin/busybox
                  /bin/busybox rm -rf arm
                  2⤵
                    PID:744
                  • /bin/busybox
                    /bin/busybox chmod +x arm5
                    2⤵
                      PID:748
                    • /tmp/arm5
                      ./arm5 selfrep
                      2⤵
                        PID:751
                      • /bin/busybox
                        /bin/busybox rm -rf arm5
                        2⤵
                          PID:755
                        • /bin/busybox
                          /bin/busybox chmod +x arm7
                          2⤵
                            PID:762
                          • /tmp/arm7
                            ./arm7 selfrep
                            2⤵
                              PID:764
                            • /bin/busybox
                              /bin/busybox rm -rf arm7
                              2⤵
                                PID:766
                              • /bin/busybox
                                /bin/busybox chmod +x mips
                                2⤵
                                  PID:770
                                • /tmp/mips
                                  ./mips selfrep
                                  2⤵
                                    PID:772
                                  • /bin/busybox
                                    /bin/busybox rm -rf mips
                                    2⤵
                                      PID:773
                                    • /bin/busybox
                                      /bin/busybox chmod +x mpsl
                                      2⤵
                                        PID:778
                                      • /tmp/mpsl
                                        ./mpsl selfrep
                                        2⤵
                                          PID:780
                                        • /bin/busybox
                                          /bin/busybox rm -rf mpsl
                                          2⤵
                                            PID:781
                                          • /bin/busybox
                                            /bin/busybox chmod +x ppc
                                            2⤵
                                              PID:785
                                            • /tmp/ppc
                                              ./ppc selfrep
                                              2⤵
                                                PID:786
                                              • /bin/busybox
                                                /bin/busybox rm -rf ppc
                                                2⤵
                                                  PID:787
                                                • /bin/busybox
                                                  /bin/busybox chmod +x sh4
                                                  2⤵
                                                    PID:790
                                                  • /tmp/sh4
                                                    ./sh4 selfrep
                                                    2⤵
                                                      PID:792
                                                    • /bin/busybox
                                                      /bin/busybox rm -rf sh4
                                                      2⤵
                                                        PID:793
                                                      • /bin/busybox
                                                        /bin/busybox rm -rf tftp2.sh
                                                        2⤵
                                                          PID:794

                                                      Network

                                                            MITRE ATT&CK Matrix

                                                            Replay Monitor

                                                            Loading Replay Monitor...

                                                            Downloads