7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3

Analysis

max time kernel
150s
max time network
153s
platform
debian-9_mipsel
resource
debian9-mipsel-20240226-en
resource tags

arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
01-12-2024 02:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
Size

177KB
MD5

9e98b36448f6a913dc14deb6e05deffe
SHA1

0b077cea22186d514b7f8aab6e902267c7dc35c4
SHA256

7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3
SHA512

cec5d6434977fdd325d05ec999c98c3f763a7b51ac7c26c3b00109be86fdd98efad18e3bfc26f49a982148167334aba6e2107085cc66c899ab6954e6acf63261
SSDEEP

3072:swoe3s5NZ99nQiX/kepewc8ZpqNGmdWQQS:snSsPZzQiX/kueb824CWT

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M "	706	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/315/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/756/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/774/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/801/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/809/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/698/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/787/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/796/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/806/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/6/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/499/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/727/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/757/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/761/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/793/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/78/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/745/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/749/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/385/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/810/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/811/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/699/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/744/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/11/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/22/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/74/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/314/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/344/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/530/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/752/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/790/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/802/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/788/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/12/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/75/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/311/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/734/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/748/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/769/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/2/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/531/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/716/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/718/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/721/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/735/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/763/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/780/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/792/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/317/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/723/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/733/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/739/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/747/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/770/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/76/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/144/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/764/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/768/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/105/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/743/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/776/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/789/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/36/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
File opened for reading	/proc/373/cmdline	7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf

/tmp/7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
/tmp/7cb18930b8b053b1783bd130dde6b2aeed63d8b07bbb473fa38dbf8027c3adc3.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:706

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads