Analysis

  • max time kernel
    2s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240611-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    23-12-2024 15:10

General

  • Target

    Opensea Mint/libraries.dll

  • Size

    118KB

  • MD5

    01249bb3f9b8e4da9950f53a4e569865

  • SHA1

    7e16f5eabdd0fcaa708832ff4eb82f7bdef7206d

  • SHA256

    6396d6670598c51c5ae723f8209d850bfba736b0814e42e5432cc16bbdde0703

  • SHA512

    389128c32377af7257b5c719abc2c95132f78b95c103bb2e9e8780430d7ab94f1eab0ef84607bfec31bf9dffee4d0daa0694c6f9bfd5f4416813b784f2e63f5a

  • SSDEEP

    1536:Nt5rrjRrUw13Vsw13VVw13V2HI3SjnFf3h1OOr41r4bFJj5ftereQkeZegz:NtJPhrhn/5OKHV4reQXg4

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 5 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/Opensea Mint/libraries.dll
    "/tmp/Opensea Mint/libraries.dll"
    1⤵
      PID:711
    • /usr/local/sbin/bash
      bash "/tmp/Opensea Mint/libraries.dll"
      1⤵
        PID:711
      • /usr/local/bin/bash
        bash "/tmp/Opensea Mint/libraries.dll"
        1⤵
          PID:711
        • /usr/sbin/bash
          bash "/tmp/Opensea Mint/libraries.dll"
          1⤵
            PID:711
          • /usr/bin/bash
            bash "/tmp/Opensea Mint/libraries.dll"
            1⤵
              PID:711
            • /sbin/bash
              bash "/tmp/Opensea Mint/libraries.dll"
              1⤵
                PID:711
              • /bin/bash
                bash "/tmp/Opensea Mint/libraries.dll"
                1⤵
                  PID:711
                  • /usr/bin/dirname
                    dirname "/tmp/Opensea Mint/libraries.dll"
                    2⤵
                      PID:719
                    • /bin/sed
                      sed -E "s/.*m0*([0-9]+).pm/\\1/"
                      2⤵
                      • Reads runtime system information
                      PID:724
                    • /bin/ls
                      ls "/tmp/Opensea Mint/test_modules/*.pm"
                      2⤵
                      • Reads runtime system information
                      PID:723
                    • /usr/bin/tr
                      tr " " "\\n"
                      2⤵
                        PID:731
                      • /usr/bin/sort
                        sort -u -n
                        2⤵
                          PID:732
                        • /usr/bin/tr
                          tr "\\n" " "
                          2⤵
                            PID:733
                          • /bin/sed
                            sed -E "s/.*module_0*([0-9]+).c/\\1/"
                            2⤵
                            • Reads runtime system information
                            PID:736
                          • /bin/grep
                            grep -l OPTS_TYPE_SUGGEST_KG "/tmp/Opensea Mint/../src/modules/module_*.c"
                            2⤵
                              PID:735
                            • /usr/bin/tr
                              tr "\\n" " "
                              2⤵
                                PID:737
                              • /bin/grep
                                grep -l OPTS_TYPE_BINARY_HASHFILE "/tmp/Opensea Mint/../src/modules/module_*.c"
                                2⤵
                                  PID:740
                                • /usr/bin/tr
                                  tr "\\n" " "
                                  2⤵
                                    PID:742
                                  • /bin/sed
                                    sed -E "s/.*module_0*([0-9]+).c/\\1/"
                                    2⤵
                                    • Reads runtime system information
                                    PID:741
                                  • /bin/grep
                                    grep -l ATTACK_EXEC_OUTSIDE_KERNEL "/tmp/Opensea Mint/../src/modules/module_*.c"
                                    2⤵
                                      PID:745
                                    • /usr/bin/tr
                                      tr "\\n" " "
                                      2⤵
                                        PID:747
                                      • /bin/sed
                                        sed -E "s/.*module_0*([0-9]+).c/\\1/"
                                        2⤵
                                        • Reads runtime system information
                                        PID:746
                                      • /bin/date
                                        date "+%s"
                                        2⤵
                                          PID:748
                                        • /bin/uname
                                          uname
                                          2⤵
                                            PID:752
                                          • /bin/uname
                                            uname
                                            2⤵
                                              PID:753

Network

MITRE ATT&CK Matrix
