a54b5b953c1dc59cc507623bdb92410fe1edebea9e17294b4f5927eaad5f4902

Analysis

max time kernel
1s
max time network
149s
platform
debian-9_mips
resource
debian9-mipsbe-20240418-en
resource tags

arch:mipsimage:debian9-mipsbe-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
21-11-2024 07:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mips.elf
Size

5.5MB
MD5

e21591247d457d3bb26bbdb259f1a712
SHA1

a3b5a43421d0cf4834b713204aa2a5626927bc43
SHA256

a54b5b953c1dc59cc507623bdb92410fe1edebea9e17294b4f5927eaad5f4902
SHA512

2bd89cc78e33bea007bd0fe17506f606bfede99939b82682db427e087d935c3a77fa3a69c1fd93cd203fcde7f73508e2d48f8d84ab698b578675f6d4ad134e93
SSDEEP

49152:7fImWcIJ/PMjcme4PC6K18gx9Oy8XlIs99MbY0xp2sUn1Gd3plFQWSZvHH:lmfenA/6vn

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 2 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	mips.elf
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	mips.elf

System Network Configuration Discovery 1 TTPs 2 IoCs

Adversaries may gather information about the network configuration of a system.

discovery

System Network Configuration Discovery

T1016

pid	Process
706	mips.elf
711	mips.elf

/tmp/mips.elf
/tmp/mips.elf
1⤵
- Enumerates kernel/hardware configuration
- System Network Configuration Discovery
PID:706
- /tmp/mips.elf
  /tmp/mips.elf " "
  2⤵
  - Enumerates kernel/hardware configuration
  - System Network Configuration Discovery
  PID:711

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/boot/system.pub

Filesize
5.5MB

MD5
e21591247d457d3bb26bbdb259f1a712

SHA1
a3b5a43421d0cf4834b713204aa2a5626927bc43

SHA256
a54b5b953c1dc59cc507623bdb92410fe1edebea9e17294b4f5927eaad5f4902

SHA512
2bd89cc78e33bea007bd0fe17506f606bfede99939b82682db427e087d935c3a77fa3a69c1fd93cd203fcde7f73508e2d48f8d84ab698b578675f6d4ad134e93

Download Submit
/etc/.cfg

Filesize
57B

MD5
e7cccb6b0aad0d03a6ea0947908f756d

SHA1
96a252ae9cee55b8b7c6d4e86699d00b0482bc15

SHA256
99c308340df8fa6a681543e01ac990e88f932feb08f78014226512fc9a3dba22

SHA512
6e3fb4be6f43911e0a53a15a446ae5bc47e2aa75dd7da0ba1c71cc1730b1028432aaed4657bcac408dfa82037bf72dbd1550fd533aae3b5ac1d905508f1ac06e

Download Submit
/etc/.cfg

Filesize
106B

MD5
85317436d5502b09f9f14d8588eb1db0

SHA1
3041a762a88ea67df744a569277a8cb8f776828a

SHA256
afbca2ff5d72e1bdbd75c39d0e379ab64f27f123a7d48b50a09dd7fbe2656fba

SHA512
32f29eeb9d8eccd502dda92fc7a6469a342c1f1bdf9cabbed6aaffbf5f101b4aca92328e5dd1f1ed1b9ff3814762987515f482bae13108c4acda2146623ab52b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads