032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd

Analysis

max time kernel
150s
max time network
133s
platform
debian-9_mips
resource
debian9-mipsbe-20240729-en
resource tags

arch:mipsimage:debian9-mipsbe-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
23-12-2024 02:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
Size

169KB
MD5

61d1c2838055600e695ab1d68fb7f63c
SHA1

eefdb6413a60c6e6e51265a9e2708d8126fcafd6
SHA256

032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd
SHA512

3af5316b10aa568bb7f496849c64be2906ee3027cc0b1b1e1e94a2a564499e5c148bebad2085815f4dcb1be5e35260a8b2151cb150f81b6b30465f85ca3ab03b
SSDEEP

1536:T16zePrQiQY35Y05Y9vt6Sw6cFL+z14R7oOe/3LM76qfTOSV2dLi6jyfj2dN:TnPvQK46SKFahy7ox3LIS4OLnyfj2dN

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	-"6	712	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/748/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/757/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/775/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/6/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/8/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/71/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/715/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/723/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/804/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/755/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/794/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/425/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/711/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/728/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/735/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/741/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/725/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/773/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/776/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/801/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/22/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/789/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/815/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/362/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/739/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/753/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/759/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/13/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/704/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/736/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/747/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/9/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/110/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/358/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/683/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/727/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/791/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/798/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/811/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/83/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/721/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/760/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/780/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/799/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/1/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/69/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/746/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/766/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/777/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/738/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/733/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/763/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/765/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/3/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/11/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/17/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/127/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/724/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/806/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/817/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/72/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/705/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/740/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
File opened for reading	/proc/762/cmdline	032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf

/tmp/032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
/tmp/032c098cc80b9f6e06be43f3dcd3772af914e1cc1b999ee66b8b3c87573320dd.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:712

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads