General

  • Target

    X86_64

  • Size

    77KB

  • Sample

    210510-lwtjexlpbe

  • MD5

    cdbcdf4556113dabacc3d3f19949ed75

  • SHA1

    824d9514de587cc921e04e6fb2c7dd2bb8c8687f

  • SHA256

    012a4ff40cb29b0f31d4ab1089eab7296666e3477bcb8e508517074df9768894

  • SHA512

    08e54585890b6a93513468e270fb0d50bc15157d301843836cb76bebccf90c606b124fd2277612d7ebb35e62a13290f3df863043d1ffea1ab3ac6bfc84f9f581

Score
9/10

Malware Config

Targets

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

  • Impair Defenses (T1562): 1

Discovery

  • System Network Configuration Discovery (T1016): 2

Tasks