Overview

overview

10

Static

static

10

hmips.elf

debian-9-mips

9

Resubmissions

21-12-2024 14:21

241221-rn847s1nal 10

21-12-2024 14:20

241221-rnekla1lgy 10

21-12-2024 14:17

241221-rl8ews1mgj 10

21-12-2024 14:11

241221-rg86ma1lax 10

Analysis

  • max time kernel
    2s
  • max time network
    15s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    21-12-2024 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hmips.elf

  • Size

    83KB

  • MD5

    23a0598f20eedd3be23be91892dea3a7

  • SHA1

    337b56ae51839bfbf6c2c5ed7556b5f6569bdd77

  • SHA256

    874a3ac4fd35321b47b7c4f6a3de963f239ef599fca5e4ee0fbda832b2ade89c

  • SHA512

    ad6618896630a3f3c767a9b0b87f9dcd15a51a81ea90214ee6c0783ec60e8f9db2f1f644854b6e8a7280ad670fad923e6241465c6904f2cbd4219e0e6dc88afa

  • SSDEEP

    1536:gjEoAtpCXtKitKzVKkYVFGlKzAZavduOPsSgkGRgbKkBfWE1fpQ6B/86YX8ZM3P+:zoA3CrFRAaduOPsSgkGRgbKkBfWE1fph

Score
9/10
discovery

Malware Config

Signatures

  • Contacts a large (3306) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Unexpected DNS network traffic destination 1 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Changes its process name 1 IoCs
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

    discovery

Processes

  • /tmp/hmips.elf
    /tmp/hmips.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    • System Network Configuration Discovery
    PID:705

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads