Analysis

  • max time kernel
    149s
  • max time network
    134s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf
    image:debian12-armhf-20240221-en
    kernel:6.1.0-17-armmp-lpae
    locale:en-us
    os:debian-12-armhf
    system
  • submitted
    01/12/2024, 22:27

General

  • Target

    701-1-0x00008000-0x00026464-memory.dmp

  • Size

    76KB

  • MD5

    f864ad22ff80d2a39da18ba4aba74469

  • SHA1

    7ae77b3678b078a6fe17dd8b0087bc8732c36c25

  • SHA256

    70854e9550f88b301c7b665b4a312fd517c5a4f1495e052c97d2906c92c00a93

  • SHA512

    cfe278a8c06ebd5c9c0363ecfd5a254c203e7a45c915e4814d8a8487eaa87c7f7ac97d7888fdfefa1f4e3d5810c97f7c9154ea66c4e0d57665e760783243064a

  • SSDEEP

    1536:TJnF9sFw8gu6+wyKaw1KpIPrbvr/6Ra1styKtI8ll5BihwlTQP+8oJ:RowpuQyNSG2eRa1styK9flTQPHo

Malware Config

Signatures

  • Modifies Watchdog functionality (1 TTP, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

  • Writes file to system bin folder (2 IoCs)
  • Reads runtime system information (22 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/701-1-0x00008000-0x00026464-memory.dmp
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:709

Network

MITRE ATT&CK Enterprise v15
