Analysis
- max time kernel: 75s
- max time network: 158s
- platform: debian-9_mips
- resource: debian9-mipsbe-20240611-en
- resource tags: arch:mips, image:debian9-mipsbe-20240611-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
- submitted: 15/12/2024, 20:16
Behavioral task: behavioral1
Sample: mips.elf
Resource: debian9-mipsbe-20240611-en
General
- Target: mips.elf
- Size: 66KB
- MD5: bb446b6ba8a21b846dbb42661d3adedc
- SHA1: afb017f2ae2d4e0eab102d82b4ef4f0961cd0493
- SHA256: 0c354ebbe4584e62c4bae62dcbca7e100993a1741aab7f2220d360b1a4139c2b
- SHA512: cb0633d7f7ad42b5595ade06938533467029c21a6ffd899c20b54bf044e7613dbc610a6a98f37169f66e7684a5cfcbb1cdc26dc4f06970041f16dd25e75c51c4
- SSDEEP: 768:ZaR/gw064+ZSYd4hcfZ2uAHvkTby8YD5PYt0vt/3wyENuwn9nDZnananBKj0KzcV:tYkE0uA4byxYW9cCQKDLt9aFQXVdmWk
Malware Config
Signatures
- Contacts a large (204924) amount of remote hosts (1 TTPs)
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows (1 TTPs)
  This may indicate a network scan to discover remotely running services.
- Modifies Watchdog functionality (1 TTPs, 2 IoCs)
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  description | ioc | Process
  File opened for modification | /dev/watchdog | mips.elf
  File opened for modification | /dev/misc/watchdog | mips.elf
- System Network Configuration Discovery (1 TTPs, 1 IoCs)
  Adversaries may gather information about the network configuration of a system.
  pid | Process
  708 | mips.elf