d9fc1ad9af297ff9f0fabf2227f8060b0eb069bb4fe430723ab06af3b981b9db | Triage

Submit
Reports

Overview

overview

9

Static

static

f586c357f1...8a101f

debian-9-mips

9

Sharing

General

Target

f586c357f162b4875c286e028b8a101f
Size

82KB
Sample

220805-ywjb3sggd8
MD5

f586c357f162b4875c286e028b8a101f
SHA1

83964f5d27a8f6b1c0876e62dead592d86b2ed56
SHA256

d9fc1ad9af297ff9f0fabf2227f8060b0eb069bb4fe430723ab06af3b981b9db
SHA512

fa3827aa7eeeff0d106a864686d257288a9bbb50068cc265223e82c0e8183805776a7924a877637659b1359e3d7d1ec0bc46013f66084d2d82d661e801e0941d

Score

9^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

f586c357f162b4875c286e028b8a101f

Resource

debian9-mipsbe-en-20211208

debian-9-mips

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f586c357f162b4875c286e028b8a101f
- Size
  
  82KB
- MD5
  
  f586c357f162b4875c286e028b8a101f
- SHA1
  
  83964f5d27a8f6b1c0876e62dead592d86b2ed56
- SHA256
  
  d9fc1ad9af297ff9f0fabf2227f8060b0eb069bb4fe430723ab06af3b981b9db
- SHA512
  
  fa3827aa7eeeff0d106a864686d257288a9bbb50068cc265223e82c0e8183805776a7924a877637659b1359e3d7d1ec0bc46013f66084d2d82d661e801e0941d
Score

9^/10

discovery
- Contacts a large (40409) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy