Overview

overview

10

Static

static

10

1578-1-0x0...ry.dmp

ubuntu-22.04-amd64

7

Analysis

  • max time kernel
    136s
  • max time network
    149s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240522.1-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240522.1-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    11-01-2025 09:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1578-1-0x0000000008048000-0x000000000805bc08-memory.dmp

  • Size

    76KB

  • MD5

    f98d03ce684fd767d86258ab09674bba

  • SHA1

    e42a4c5962d8858e2ec64198bfecae43748be3de

  • SHA256

    99da84b5f4e7930b77b60b1cf1750fa2f7b12d6b87cc14e555ae8574a03c7d93

  • SHA512

    213950a547243bde21f2461952d343a784472332ace531c7ea2ee85a336d7b021bae0d249229cf7ba4315e39fca8b7286a03f057a28c0cf6b4b8ff1268d331bf

  • SSDEEP

    1536:FpmO4tlM904jZVzd6kzGoYGiapUN31gRr313kPgCrm:PJ4g90OZVz9Z6K9GI6m

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/1578-1-0x0000000008048000-0x000000000805bc08-memory.dmp
    /tmp/1578-1-0x0000000008048000-0x000000000805bc08-memory.dmp
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:1552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads