Analysis

  • max time kernel
    131s
  • max time network
    175s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mips
    image:debian9-mipsbe-20240611-en
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mips
    system
  • submitted
    04-12-2024 18:48

General

  • Target

    zmap.mips.elf

  • Size

    94KB

  • MD5

    4bf7c50c70c03a893fd6744f4bd39895

  • SHA1

    52ba98d1e795220f388f43b79d576108add8a81f

  • SHA256

    bef7c1c27aa4ab2ba47ea2825b3c441cb9e307033dc0c9cb9724d7e6bb9cc02e

  • SHA512

    4a3c895aab638c8ae93c5ffc6ba8e02e26c59805a417c70716a07b85677f40cf2d449aff1ceebe926ff47e65a5c4e6394bd2b96643b31ec9555d205d988de6b8

  • SSDEEP

    1536:rF4tsbv54o+37PhHhGhZJ05M/SwPPfuer85eIqKciy:rF4tsr54o+LPhkhuM/SwPPf/r8oKcV

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 2 IoCs
  • Changes its process name 1 IoCs
  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

Processes

  • /tmp/zmap.mips.elf
    • Deletes itself
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    • System Network Configuration Discovery
    PID:701

Network

MITRE ATT&CK Enterprise v15
