Overview

overview

10

Static

static

10

715-1-0x00...ry.dmp

debian-9-mips

9

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    12-12-2024 14:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    715-1-0x00400000-0x00430f8c-memory.dmp

  • Size

    129KB

  • MD5

    7af32aab164e74c0ce53a430b629edcc

  • SHA1

    bf05c3f15c7f6e6fa38308809d5ead8f11c2dc91

  • SHA256

    d44a882c31ec7c996cf327ac75602b8465e7f42ca4fae81cedd49b72ccd6b9e7

  • SHA512

    aabd781df2caab2ce3fde1f3f1565e3a51d6f8e91c5da3b6b523e6fb64f8d0fda9fb055859bb2258f5d5387f92d89099f8e69fda6223afe06c3c1290674138c1

  • SSDEEP

    3072:4kP+ptzQB0sTv6s3B4hagrUcgxNN1qVOVZ8Fb1laW4K:4kP+ptzQB0I3KhagrUxMFb1laW4K

Score
9/10
defense_evasiondiscovery

Malware Config

Signatures

  • Contacts a large (108497) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Changes its process name 1 IoCs
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/715-1-0x00400000-0x00430f8c-memory.dmp
    /tmp/715-1-0x00400000-0x00430f8c-memory.dmp
    1⤵
    • Modifies Watchdog functionality
    • Changes its process name
    • Reads runtime system information
    PID:698

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads