Analysis
-
max time kernel
146s -
max time network
151s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240611-en -
resource tags
arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem -
submitted
07/11/2024, 15:23
Behavioral task
behavioral1
Sample
mips.elf
Resource
debian9-mipsbe-20240611-en
General
-
Target
mips.elf
-
Size
79KB
-
MD5
89d21d036543aeea90e2b87f1514b8f9
-
SHA1
a07d39815f7badf02fbc8eacb9e628485e6a2425
-
SHA256
49e0876cac5de1e9edd89be8a46112628d15422f6d69421a1203bd0afc865c5d
-
SHA512
e4581484bff17065f8416c3cd3775cafff179413efce6d949d9cd0a0c29fbc46556e39b941411ba915ce9c24ee657d1ac030f7c4ec1ffb1be4f17e32a9d123a1
-
SSDEEP
1536:5951vCVQ/de+qa9wB5PmVTcSzaTwxDEekxVJua35WyUN96/wSEbIEzO:zDqAwjPmVHztF+VQa34d9EPyIEO
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
description ioc Process File opened for reading /proc/net/route mips.elf -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description ioc Process File opened for reading /proc/net/route mips.elf -
System Network Configuration Discovery 1 TTPs 1 IoCs
Adversaries may gather information about the network configuration of a system.
pid Process 703 mips.elf -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/Infected.log mips.elf
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
107B
MD5a70a5dde6f79eaea4e71c88b6a2ccc38
SHA192c0273c4be5d4b7bdbdd500de5a64e5e05652b2
SHA256d087a5a10a09b589993d8cc44a24ef22db26ffd0feeeb3f29b15af008c292af8
SHA512aaa7d00faa34a87292f23a16dae8a7a4b5a40c8e375a579f1286427819c2a04e1c6f970dbc0f2433e6c03f59a2ece0f28ba1e8fc526bc4afe77f176f61876c52