5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0

Analysis

max time kernel
150s
max time network
150s
platform
debian-9_mipsel
resource
debian9-mipsel-20240611-en
resource tags

arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
20-11-2024 02:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
Size

177KB
MD5

8f0d7edfcf7c290bbe7447cfd12635f4
SHA1

e58e5075440f88038766eaf8cd2e395a2ec8ecb4
SHA256

5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0
SHA512

d97474cd58c95fdc4494993c6afd1d8013580791274c67d3a227a8ad86085ebd56ead14260456983c1b53b1ca0be6f29c75e54f60c4a0cfa3f6d3757f7948aa6
SSDEEP

3072:Mwoe3sEiZt9nQiX/GpO1SMRpp6NWJdWQji:MnSspZDQiX/2ObRWoDWE

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	710	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/655/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/739/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/772/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/793/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/18/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/716/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/764/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/806/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/703/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/72/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/725/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/774/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/801/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/812/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/7/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/237/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/804/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/23/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/781/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/783/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/784/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/788/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/707/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/9/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/711/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/744/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/768/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/770/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/3/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/78/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/175/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/745/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/753/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/790/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/1/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/759/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/775/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/689/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/732/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/811/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/71/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/159/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/702/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/747/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/778/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/809/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/11/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/720/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/751/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/761/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/712/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/81/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/635/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/708/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/721/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/730/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/765/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/795/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/70/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/808/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/799/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/731/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/736/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
File opened for reading	/proc/789/cmdline	5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf

/tmp/5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
/tmp/5b498bb8372b66f7e8ba5bde9e14d0b47f1c8c1d4a3ceab30b22ba3c356ca2f0.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:710

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads