a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b

Analysis

max time kernel
150s
max time network
148s
platform
debian-9_mips
resource
debian9-mipsbe-20240611-en
resource tags

arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
19-12-2024 03:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
Size

177KB
MD5

a4488c1707634e53e00322ce6e461beb
SHA1

9426511d282db2a25a096f9f580bcb12a46e2b0b
SHA256

a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b
SHA512

97b1c392c11c824e973cce2497b22eb96cca99fbc1216566ed9427afc29a45b3e2b03490c4af37300a6d13718d218b3aaff38d9dbdc72e76cb2a0b093c41abdd
SSDEEP

3072:f6uSXvJnzjP0jSazpyi579Yxy52tIen9A6qewZQDhaMh:f6uSXvJnvP0+azYigAEnfqnZ4haa

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	703	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/376/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/729/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/739/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/741/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/764/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/76/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/77/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/810/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/7/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/717/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/716/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/746/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/748/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/13/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/705/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/737/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/754/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/770/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/695/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/731/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/331/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/361/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/685/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/712/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/735/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/778/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/4/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/70/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/715/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/784/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/785/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/680/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/696/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/14/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/771/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/782/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/11/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/12/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/732/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/71/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/713/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/769/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/794/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/10/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/37/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/82/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/665/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/799/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/800/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/809/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/1/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/3/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/783/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/701/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/727/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/726/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/743/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/6/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/707/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/227/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/750/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/765/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/766/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
File opened for reading	/proc/768/cmdline	a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf

/tmp/a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
/tmp/a9cfe7dbdc25e540fae253b4246da912c800fa1e480e5378ed05b373154ef70b.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:703

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads