Overview

overview

10

Static

static

10

1392-1-0x0...ry.dmp

ubuntu-22.04-amd64

7

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    27-12-2024 01:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1392-1-0x0000000008048000-0x000000000805bc08-memory.dmp

  • Size

    76KB

  • MD5

    47c23a9752d8c184f0c32b5501434566

  • SHA1

    087037943fc79a57b8e8fa83768c0963566a421c

  • SHA256

    f1347230af8172479a8ea1bbb7dafb0ec06c2cee626652dcf99f279b407d69dd

  • SHA512

    407c9397495e9881367cc8cda3a599d7d9c6e5ae20ac7379b75e1b4a8728ce05e79660a0ec5c0633c0c8fe5e4a371414fd0fb7c4b82fdb0014dee91415d82255

  • SSDEEP

    1536:/xTlM904jZVzd6kzGoYGiapUN31gRr313kPQxrm:/xm90OZVz9Z6K9GIlm

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/1392-1-0x0000000008048000-0x000000000805bc08-memory.dmp
    /tmp/1392-1-0x0000000008048000-0x000000000805bc08-memory.dmp
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:1588

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads