Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240729-en
  • resource tags

    arch:mips, image:debian9-mipsbe-20240729-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted
    14-11-2024 02:55

General

  • Target

    a702b3ac12a3c27748a388408ca60b7a60475d0e34379f5211623b39b22572ea.elf

  • Size

    177KB

  • MD5

    ab7fc7c876a7b878a26aa66c9a2d30bf

  • SHA1

    129f8c2efd2a6e9efa92e06f3372ca7fb76c3bef

  • SHA256

    a702b3ac12a3c27748a388408ca60b7a60475d0e34379f5211623b39b22572ea

  • SHA512

    e30c82d7a2fdede468848e0ff3dafe0f6f1f03ad9e892b5563a0665039d26b30b998746bf0d14320bb0e6ca69cb88e0413b07cc1a62c48d838969cb5d1cc1b10

  • SSDEEP

    3072:ADWRZYX74OslR4vkHgrU4690NkX83Dza7nnYSf1BuBWxJUtFb1liWCBfQ:AqROL4OslRykHgrU7B8X+nDuBWxcFb15

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/a702b3ac12a3c27748a388408ca60b7a60475d0e34379f5211623b39b22572ea.elf
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:712

Network

MITRE ATT&CK Enterprise v15
