Analysis
- max time kernel: 150s
- max time network: 155s
- platform: debian-9_mips
- resource: debian9-mipsbe-20240611-en
- resource tags: arch:mips, image:debian9-mipsbe-20240611-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
- submitted: 09-11-2024 17:07
General
- Target: main_mips.elf
- Size: 57KB
- MD5: a9da2c07de94b6f332246f5bf2e987b4
- SHA1: 09e35b5eaad5663d4238a2c8762c418653c136f0
- SHA256: 99837b4e5d6d2431a09ccdd98eda8f1cd78080a6bd8b9c7300f9210ba463257e
- SHA512: d84269726b5b601639afcbf29b191bba9d1baf76ace9d57d4d00ce427437e83493682098a10e5d6d4c3333ec155fdc7dd54df56dea69dced14bd967ec44b55e9
- SSDEEP: 1536:dLYFEngSHApbLuIt6cJXIDSaepVxgF3GtkfdwVqYu:dL0EO/EAEwkfGVqYu
Malware Config
Signatures
- Mirai family
- Deletes itself (1 IoCs)
  Processes: main_mips.elf
    pid: 697
    process: main_mips.elf
- Changes its process name (1 IoCs)
  Processes: main_mips.elf
    description: Changes the process name, possibly in an attempt to hide itself
    ioc: httpd
    pid: 697
    process: main_mips.elf
- Processes: main_mips.elf
    description: File opened for reading
    ioc: /proc/self/exe
    process: main_mips.elf
- System Network Configuration Discovery (1 TTPs, 1 IoCs)
  Adversaries may gather information about the network configuration of a system.
- Writes file to tmp directory (1 IoCs)
  Malware often drops required files in the /tmp directory.
  Processes: main_mips.elf
    description: File opened for modification
    ioc: /tmp/main_mips.elf
    process: main_mips.elf