324cf363149eb9264bac519d0cdb8fd93e3f211cd2e5cd3f9d784be8c1cb2ee0

Analysis

max time kernel
5s
platform
debian-9_mips
resource
debian9-mipsbe-20240611-en
resource tags

arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
27-12-2024 05:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

RpcSecurity.mips.elf
Size

75KB
MD5

b42000c87e42345dffd95c15b6ac2428
SHA1

52e9fa49ce26d85ad5dfbabe98d8ed178705c542
SHA256

324cf363149eb9264bac519d0cdb8fd93e3f211cd2e5cd3f9d784be8c1cb2ee0
SHA512

c239f7931b97709b363be637d3f60b7c3c60b181d86ed636b2d7d3d51e49761009c76bde64ef81ca95fc5a3da1ba48e83450970a0f2e6720634a5cbb40e6babf
SSDEEP

1536:bpxe5qoct9fdlQBI6rNnnUFndlBotYG9CJa10qDv:Fx3oANdiWndvomgC47

Score

6^/10

discovery

Malware Config

Signatures

Enumerates active TCP sockets 1 TTPs 1 IoCs

Gets active TCP sockets from /proc virtual filesystem.

discovery

System Network Connections Discovery

T1049

description	ioc	Process
File opened for reading	/proc/net/tcp	RpcSecurity.mips.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/tcp	RpcSecurity.mips.elf

System Network Configuration Discovery 1 TTPs 1 IoCs

Adversaries may gather information about the network configuration of a system.

discovery

System Network Configuration Discovery

T1016

pid	Process
715	RpcSecurity.mips.elf

/tmp/RpcSecurity.mips.elf
/tmp/RpcSecurity.mips.elf
1⤵
- Enumerates active TCP sockets
- Reads system network configuration
- System Network Configuration Discovery
PID:715

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

System Network Connections Discovery

T1049

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads