Analysis

  • max time kernel
    152s
  • max time network
    159s
  • platform
    debian-12_mipsel
  • resource
    debian12-mipsel-20240221-en
  • resource tags

    arch:mipsel, image:debian12-mipsel-20240221-en, kernel:6.1.0-17-4kc-malta, locale:en-us, os:debian-12-mipsel, system
  • submitted
    12-11-2024 02:47

General

  • Target

    a82110cbe11fd10f36d9d33a95596715d0a91a203eaf37d7e971df060dc73f4b.elf

  • Size

    82KB

  • MD5

    61081d459e84451c3eb0c9a4d6556475

  • SHA1

    a623136e67f090224fd316a11e098279d1bbe6cf

  • SHA256

    a82110cbe11fd10f36d9d33a95596715d0a91a203eaf37d7e971df060dc73f4b

  • SHA512

    05c31bef1cfaf7a79500a7fc465aedacb8bc83f754f94b6f52b7eeffdba667fdc5633471f3854f88cecd48ba2f40b69cb6a191470f359193fb1dd4b5459a9d96

  • SSDEEP

    1536:gNKax4EP01b/fH5QGkdzhzsDAleP7a7ZGh+VXt:gKax4EPi/fH5rkI7C5

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads process memory 1 TTPs 22 IoCs

    Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.

  • Changes its process name 1 IoCs

Processes

  • /tmp/a82110cbe11fd10f36d9d33a95596715d0a91a203eaf37d7e971df060dc73f4b.elf
    /tmp/a82110cbe11fd10f36d9d33a95596715d0a91a203eaf37d7e971df060dc73f4b.elf
    • Modifies Watchdog functionality
    • Reads process memory
    • Changes its process name
    PID:741

Network

MITRE ATT&CK Enterprise v15
