1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569

Analysis

max time kernel
132s
max time network
152s
platform
debian-9_mips
resource
debian9-mipsbe-20240611-en
resource tags

arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
08/03/2025, 04:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
Size

58KB
MD5

1c8b6437a383e5816d7444525fc1508b
SHA1

4eefd8b14e3f7ac66a30f73b495b40839e5f6bb4
SHA256

1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569
SHA512

4acca052eece00944ceb143a6c898b4ce03061d4ad36598347128388ad5399431c0e989a2c7a6f2c1689e65ed34c25390d197492b6169ed1942cd928d331857c
SSDEEP

768:wp/qLBExCQZvS5rhmufbFNemSnoh2Ld3uAOW1cZSUqIfyMn+5vf4e/Jswb+D:wp/5lv4rNA1OW1pU5UQmJtS

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a	699	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/24/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/139/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/149/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/328/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/8/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/17/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/21/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/23/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/68/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/76/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/105/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/324/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/692/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/704/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/4/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/5/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/20/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/77/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/461/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/763/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/807/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/2/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/22/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/697/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/36/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/80/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/379/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/73/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/469/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/759/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/167/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/771/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/798/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/12/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/115/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/357/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/82/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/332/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/14/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/6/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/11/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/70/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/78/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/387/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/706/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/37/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/66/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/236/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/506/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/507/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/691/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/726/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/10/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/13/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/18/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/71/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/330/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/393/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/694/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/3/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/16/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/19/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/116/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
File opened for reading	/proc/329/cmdline	1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf

/tmp/1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
/tmp/1e74b70fafd03b372bd8f0b932ae682ab2ea7b73f69744dfc26e24385f23f569.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:699

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads