Analysis

  • max time kernel
    131s
  • max time network
    153s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240611-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    19-12-2024 21:21

General

  • Target

    kqibeps.elf

  • Size

    205KB

  • MD5

    4146b3461b3d1a2fcd7157add57eb505

  • SHA1

    1ef3c2923417681a6b0c80feba36b8571844c8ef

  • SHA256

    0544792326ff724698af3c29759a44009df1c7c7c95aa89f31551444ca2ec2ca

  • SHA512

    9919e5fc07ea3068fd1d01aae8aa073c6c4e0cb604a29001bded4b8e096828ed6a56bf7c2494d4d44fc1ef0dfde326593bd60974415fc96063cc8e77555da7eb

  • SSDEEP

    3072:aJqJnm1aRFJWHU3SYVVwNx4ONReLjQ7E4TTkHgy:aJqJnm1a3JWPUV9ONojQQwTkAy

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 55 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/kqibeps.elf
    /tmp/kqibeps.elf
    • Deletes itself
    • Changes its process name
    • Reads runtime system information
    PID:703

Network

MITRE ATT&CK Matrix
