Overview

overview

10

Static

static

10

1610-1-0x0...ry.dmp

ubuntu-22.04-amd64

7

Analysis

  • max time kernel
    136s
  • max time network
    146s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    27-12-2024 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1610-1-0x0000000008048000-0x000000000805bc08-memory.dmp

  • Size

    76KB

  • MD5

    0862d4cae36f0d7d883b332f62241302

  • SHA1

    a158d31f940265373c4f026307d794f19f316606

  • SHA256

    8c7203c1f364eb9e64e90af45218eceb0f330aeaf395428e0b110c75769b3a01

  • SHA512

    3b6ada2a3f49d091ec0f8de02f79a5c07cd02c503fca92c866140596a50629a03c124fd01364c1d6d10448f913a6103a9aa0fa5551f2d30bdb1ee8011c6fed51

  • SSDEEP

    1536:FpmO4tlM904j3Kd60nGoQm+6JUt31gRr3VXgPgprm:PJ4g90O3KR16K96INm

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/1610-1-0x0000000008048000-0x000000000805bc08-memory.dmp
    /tmp/1610-1-0x0000000008048000-0x000000000805bc08-memory.dmp
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:1572

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads