Analysis

  • max time kernel
    0s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240729-en
  • resource tags

    arch:mips
    image:debian9-mipsbe-20240729-en
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mips
    system
  • submitted
    08-11-2024 11:36

General

  • Target

    .update/.run

  • Size

    485B

  • MD5

    279171e9a52627c005d882b4c31f0158

  • SHA1

    419d14ecd9ba9b819219db32624e7d6244b36d3e

  • SHA256

    4257bc327cf5312bb7b76154c0d3c31a8845288955611dfc937b75cb86073fb7

  • SHA512

    a7d4cda901507e9327e92450386032fe678e9a3e281a3e4139c3f3e109e15ac10de9aeb1a6eb976b45f2aa4f0ea3d60a5ef4376fd82cba7795c9eeab5162c665

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/.update/.run
    /tmp/.update/.run
    PID:738
    • Writes file to tmp directory
    • /bin/uname
      uname -m
      PID:740
    • /bin/cat
      cat update.dir
      PID:745
    • /tmp/.update/.mips
      ./.mips -f
      PID:746

Network

MITRE ATT&CK Matrix

Downloads

        • /tmp/.update/.update

          Filesize

          114B

          MD5

          a0669fc7ed6e6c80a991b070e1f7909a

          SHA1

          313f4f3deaf4237a8d0059593f1a68d7b7cc434f

          SHA256

          808530d3d871a0ae2d88b92e3820c8dbdd9b9a1ab469d4ed0088dce65b96545b

          SHA512

          2963bbba5c52178b3732139352144c8b34a81561ada3b803f50fdd51401017dc762fbdaed483e24da56b59d04381c8122b912c31d624a13d19ddfe951a55ec1f

        • /tmp/.update/update.dir

          Filesize

          13B

          MD5

          f162d09e078b8201089b7e20ea72f2bf

          SHA1

          f7da8700cd21e201f62a17992d2ac15c09c447a1

          SHA256

          2162d6f6fadf44bb1db38ea55ec80a7006c269061de5141bf9f4743ec9cd95fb

          SHA512

          adb0481faeeb35926c8ba2bf2549e7b43dc40864ebfb8c40274d5021dfc3d87a8c2c2aa2996a28068c061ae13c404e85e870a23a67a709b4522134ce2be221cb