5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb

Analysis

max time kernel
123s
max time network
150s
platform
debian-9_mipsel
resource
debian9-mipsel-20240611-en
resource tags

arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
30-12-2024 02:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
Size

173KB
MD5

f57995d1e42a698739bb698d66593199
SHA1

f41f9f49d6ccfe330690441f57dfbcabd2da90fd
SHA256

5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb
SHA512

756c6ee929700c8d0c59b765dff279b1b9834e2d2f1e91eeb084e4d940aea70e314e5c9c093d04724edf40ca44de9f5ef586ba51ba3b2b77e40877a856f8d654
SSDEEP

3072:OeEksFM+wXpOUaVB8H3NaMFuDbcpB99k+rhsKbK0:OeEnO+wXkVGdaMkD4pHi+Pe

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M"!	710	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/4/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/381/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/655/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/812/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/36/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/72/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/84/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/733/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/751/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/767/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/814/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/74/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/357/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/722/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/723/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/734/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/795/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/721/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/753/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/761/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/773/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/799/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/816/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/70/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/111/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/736/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/762/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/779/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/815/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/9/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/18/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/21/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/713/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/743/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/808/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/749/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/750/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/3/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/19/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/76/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/125/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/386/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/703/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/813/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/727/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/729/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/738/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/757/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/801/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/735/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/788/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/15/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/71/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/715/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/768/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/792/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/10/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/37/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/78/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/708/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/711/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/787/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/11/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
File opened for reading	/proc/75/cmdline	5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf

/tmp/5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
/tmp/5ca0b0ae7e192bd75c61c36621709fe537c23eb11fc10538c98b6493980217eb.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:710

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads