Analysis
max time kernel: 137s
max time network: 155s
platform: debian-12_mipsel
resource: debian12-mipsel-20240221-en
resource tags: arch:mipsel, image:debian12-mipsel-20240221-en, kernel:6.1.0-17-4kc-malta, locale:en-us, os:debian-12-mipsel, system
submitted: 13-12-2024 09:19
Behavioral task: behavioral1
Sample: roze.mipsel.elf
Resource: debian12-mipsel-20240221-en
debian-12-mipsel, 3 signatures, 150 seconds
General
Target: roze.mipsel.elf
Size: 209KB
MD5: cf04b3886c628186bd82c4b98d9bd706
SHA1: d2e36954f893c31d3f01b12d1399a79de9956a30
SHA256: edef911a70c7e2b27c998899de4a6ae13749f6091582e8c3765d35acce0ac71a
SHA512: 59e5974e40208db25dc87b1392ec89dd9c243b81788dfa2372a21e9e400f4af2709b688118b2790e70997ff442d4853a06846e8c5fc6c0cf7b962d945938234b
SSDEEP: 3072:T4mSFGv/kWadcXVKRd8D5hgH3yJCstmrpy6n9Nn:pn/pebRiD5hgXjstmrpy6n9Nn
Score: 6/10
Malware Config
Signatures

Reads system routing table (1 TTPs, 1 IoCs)
Gets active network interfaces from /proc virtual filesystem.
description: File opened for reading | ioc: /proc/net/route | Process: roze.mipsel.elf

Reads system network configuration (1 TTPs, 1 IoCs)
Uses contents of /proc filesystem to enumerate network settings.
description: File opened for reading | ioc: /proc/net/route | Process: roze.mipsel.elf

System Network Configuration Discovery (1 TTPs, 1 IoCs)
Adversaries may gather information about the network configuration of a system.
pid: 740 | Process: roze.mipsel.elf