ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58

Analysis

max time kernel
134s
max time network
160s
platform
debian-12_mipsel
resource
debian12-mipsel-20240221-en
resource tags

arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
08/03/2025, 12:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
Size

59KB
MD5

24022994585fa2ac7bc207eff6a29a09
SHA1

3642c9108c284c0d545620b465afd8ceee28b7cb
SHA256

ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58
SHA512

fe500a82f367181321262f9f7ef9b3c3cf97f52c6dbeeb51a07fde5c86300d772853ff552b6b3f93c3b664542b9a15a87aea4183dc118f3c3581bc7db7162cfa
SSDEEP

768:jQ0mOKvxcYm8WFUvw5xReSjer2gGZVxyXi6AL2Bj/9w:jQ0mp5ykwxTjY2tZVxz2Be

Score

6^/10

discovery

Malware Config

Signatures

Enumerates running processes
Discovers information about currently running processes on the system

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a	740	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/37/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/117/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/363/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/366/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/716/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/730/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/732/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/16/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/23/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/29/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/31/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/137/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/685/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/11/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/24/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/111/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/377/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/712/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/720/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/58/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/695/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/717/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/13/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/15/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/112/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/19/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/22/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/118/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/731/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/25/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/59/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/181/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/202/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/5/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/14/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/17/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/42/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/113/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/258/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/391/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/705/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/3/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/4/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/34/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/114/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/138/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/28/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/6/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/12/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/388/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/741/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/21/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/45/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/48/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/53/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/383/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/734/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/33/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/35/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/597/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/710/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/7/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/18/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
File opened for reading	/proc/27/cmdline	ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf

/tmp/ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
/tmp/ae40589ca011bbeeab71412a1d1ecaab9a8f5757815c11832a1cb775691d8b58.elf
1⤵
- Changes its process name
- Reads runtime system information
PID:740

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads