Analysis

  • max time kernel
    136s
  • max time network
    148s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240729-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240729-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    14/10/2024, 05:22

General

  • Target

    na.elf

  • Size

    43KB

  • MD5

    05fc26780b9a27ea77e3ec0871d07423

  • SHA1

    053bc16a0169b941d3da6cad0fcaed6adc444dc2

  • SHA256

    24ecc191f11be7b8ed2929acfbd71eabf107cafe915325bd4500eea55a2620f0

  • SHA512

    9872a8ba6b26f6def2c2d2fef48574d3ea89c872dc1a678010ee09b7994a896b2909805648ea6ee853e1e268403c043859cd358bd6efef3ed6efece7d6cb7c8a

  • SSDEEP

    768:M9DfzzMwdu3W4CbuznqQd8eYkGyJfH6QhjS0jlDGnHMhgNSRxUkCkHhVeg527tvU:qDEwdu3ubuznqreGyJfH6QhjDGnHMhgY

Malware Config

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Modifies Watchdog functionality (1 TTP, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system.

  • Writes file to system bin folder (2 IoCs)
  • Reads runtime system information (64 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/na.elf
    /tmp/na.elf
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:724

Network
