Overview

overview

10

Static

static

10

739-1-0x00...ry.dmp

debian-12-mipsel

7

Analysis

  • max time kernel
    152s
  • max time network
    18s
  • platform
    debian-12_mipsel
  • resource
    debian12-mipsel-20240221-en
  • resource tags

    arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
  • submitted
    08/12/2024, 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    739-1-0x00400000-0x00452a58-memory.dmp

  • Size

    73KB

  • MD5

    6d3d495661da3cc362e0d10d42bb8f6b

  • SHA1

    0208e492964d3d89b391bfb6cd9b2174f38664e6

  • SHA256

    c7c58d8a81110e54694866caddd8bd2f329423fb4c77536973a2d8d30b54b515

  • SHA512

    96f3cbb1d7176c335392f1340135e8ee7b29d2162767e7a634df9810506f1d3a4f4cbf635b2358bb589746c9ca5dac389fea90ae445c509695d092ffdb18e71e

  • SSDEEP

    1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESt9P:oJPEB8NWq9hqqd0l

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 22 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/739-1-0x00400000-0x00452a58-memory.dmp
    /tmp/739-1-0x00400000-0x00452a58-memory.dmp
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:743

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads