30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327

Analysis

max time kernel
150s
max time network
151s
platform
debian-9_mips
resource
debian9-mipsbe-20240729-en
resource tags

arch:mipsimage:debian9-mipsbe-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
14-12-2024 03:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
Size

177KB
MD5

a8b7e629e9c1debcf53aff3ba95a3077
SHA1

0bb0a12147480fe0b158f932f78ec09ad19a38c6
SHA256

30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327
SHA512

62d52e69edf3038233ab9db187071fa2b4e60e88007da42107a723c845acfcc2ad881ab53fc0d9a96d4bfa49aff83177843f796d8e449aff3c96b58f0361d7c5
SSDEEP

3072:z6uSXvJnzjP0X/Ozpyi579Y5y5mt4Ontw6qux5/rpgB:z6uSXvJnvP0vOzYiAA0n/q65zpG

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	710	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/7/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/712/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/713/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/714/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/733/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/736/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/744/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/768/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/782/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/15/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/742/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/762/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/774/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/3/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/80/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/371/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/437/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/738/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/754/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/756/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/795/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/803/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/1/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/10/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/37/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/175/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/703/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/709/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/17/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/82/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/715/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/741/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/745/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/748/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/751/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/767/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/71/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/76/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/340/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/766/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/778/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/780/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/22/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/679/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/4/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/72/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/732/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/814/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/816/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/20/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/721/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/729/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/771/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/776/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/24/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/77/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/237/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/685/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/787/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/788/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/804/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/812/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/18/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
File opened for reading	/proc/110/cmdline	30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf

/tmp/30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
/tmp/30aafebbfbe471b83a1aa51bc0a2d9ad5f11211ee5a51c9e0461b918577fd327.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:710

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads