Analysis
max time kernel: 135s
max time network: 140s
platform: debian-12_mipsel
resource: debian12-mipsel-20240221-en
resource tags: arch:mipsel, image:debian12-mipsel-20240221-en, kernel:6.1.0-17-4kc-malta, locale:en-us, os:debian-12-mipsel, system
submitted: 06-12-2024 13:17
Behavioral task: behavioral1
Sample: roze.mipsel.elf
Resource: debian12-mipsel-20240221-en
debian-12-mipsel
3 signatures
150 seconds
General
Target: roze.mipsel.elf
Size: 209KB
MD5: 104c7caf96c5b0975835e6a8153be202
SHA1: 2e4256bb84c45c9ab0aae6bff78750dab1eee870
SHA256: 0943281fcda9c8d6cf3deebffe513b1829f67bc3fc6ca0cc0e3931e0f283fb24
SHA512: f20478fc48c89eb45335ae4a88139222ef8de731510829b5f50836e6c260eb51c1a200b0f7bc306531ef3ba4e612c6cd3d8e497843743b2957941b37e9aab89d
SSDEEP: 3072:T4mSFGv/kWadcXVKRd865hgH3yJCstmrpy6n9Nn:pn/pebRi65hgXjstmrpy6n9Nn
Score: 6/10
Malware Config
Signatures
Reads system routing table (1 TTPs, 1 IoCs)
Gets active network interfaces from /proc virtual filesystem.
description: File opened for reading
ioc: /proc/net/route
Process: roze.mipsel.elf
Reads system network configuration (1 TTPs, 1 IoCs)
Uses contents of /proc filesystem to enumerate network settings.
description: File opened for reading
ioc: /proc/net/route
Process: roze.mipsel.elf
System Network Configuration Discovery (1 TTPs, 1 IoCs)
Adversaries may gather information about the network configuration of a system.
pid: 744
Process: roze.mipsel.elf