Analysis
max time kernel: 149s
max time network: 151s
platform: debian-9_mips
resource: debian9-mipsbe-20240729-en
resource tags: arch:mips, image:debian9-mipsbe-20240729-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
submitted: 17-12-2024 02:10
Behavioral task: behavioral1
Sample: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf
Resource: debian9-mipsbe-20240729-en (debian-9-mips)
4 signatures
150 seconds
General
Target: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf
Size: 169KB
MD5: c467932920e6f8ed35f3fa154ef38f2d
SHA1: d4417919824f71f218e63613d20003a755ae4590
SHA256: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343
SHA512: a8dab7dc9ec7c218bc1f5e01a8914cafdd26ef79cc72714e78d473ab810be6bc3d6524a18fca93b781c24936dbaed3e89bce11c0109563a6c7fae82cefd1f3c0
SSDEEP: 3072:jg57RW7LHZwbq1YSBan1yvbysxr1uGSlI:jglRW7LHZ0Bqyy1BSlI
Score: 7/10
Malware Config
Signatures
Deletes itself (1 IoCs)
pid: 723, Process: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf
Traces itself (2 IoCs)
Traces itself to prevent debugging attempts
pid: 723, Process: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf
pid: 725, Process: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf
Changes its process name (1 IoCs)
description: Changes the process name, possibly in an attempt to hide itself
ioc: httpd, pid: 723, Process: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf
Writes file to tmp directory (1 IoCs)
Malware often drops required files in the /tmp directory.
description: File opened for modification
ioc: /tmp/09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf, Process: 09fb484a154602776283d82575227388199e29d20f9f3f59fdb54f4bfb35e343.elf