698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a

Analysis

max time kernel
151s
max time network
152s
platform
debian-12_mipsel
resource
debian12-mipsel-20240221-en
resource tags

arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
23-12-2024 02:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
Size

173KB
MD5

99279f22658eef897ecc808c09ccdc75
SHA1

d028156dcc29a3d40db36c0c53cee6c1f4788f5c
SHA256

698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a
SHA512

d287993c0b6cae1ee02e010fe8a9829d5d7e919ab1c59e4eb22427c4ee83209a16ff6c4b6c774c537d08a762031e896bc14f0e52ef783f4ac1b9f6a06789216f
SSDEEP

3072:uCQDElnT/hX5MZ6vKOgwRl6adAbVNj+K/iy8:uCQQRzhaZ6vFg+ljmLSK/

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	-"6	741	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/34/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/113/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/28/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/750/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/136/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/786/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/14/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/35/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/117/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/48/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/114/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/402/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/710/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/7/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/27/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/9/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/25/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/12/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/752/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/774/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/780/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/781/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/17/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/18/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/20/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/394/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/45/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/679/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/770/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/775/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/776/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/5/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/13/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/112/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/762/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/761/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/767/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/768/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/784/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/6/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/23/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/400/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/755/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/769/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/744/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/745/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/33/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/3/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/137/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/320/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/785/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/29/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/30/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/59/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/746/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/759/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/4/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/16/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/178/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/733/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/760/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/764/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/772/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
File opened for reading	/proc/24/cmdline	698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf

/tmp/698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
/tmp/698d20cd37c0fb16f1e5b37f8cf6320947c212c009725cb7a5b17de34bc1f32a.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:741

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads