Analysis

  • max time kernel
    3998s
  • max time network
    145s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    27-09-2021 18:58

General

  • Target

    X86_64

  • Size

    79KB

  • MD5

    28007c7ac1c6c2880279aeaab2c25f17

  • SHA1

    ac64ad6324ac4ccf079dfd4c8255d1cbf3175306

  • SHA256

    5fa70a36cc2ac68dfe216e4007848b7e90722a82acc7ca1778780b7393b3f735

  • SHA512

    d8b63bd73cd59f852723fdf58ea661a56bb1924746b8c4b0a9ca609cc02a532d51b3d51ccbcc798b6f734365377bbef1cf5bd706f7359f560386855ed14f7547

Score
9/10

Malware Config

Signatures

  • Modifies the Watchdog daemon (1 TTPs)

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • ./X86_64
    ./X86_64
    • Reads system routing table
    • Reads system network configuration
    PID:674

Network

MITRE ATT&CK Matrix ATT&CK v6

  • Defense Evasion
    Impair Defenses: 1 (T1562)

  • Discovery
    System Network Configuration Discovery: 2 (T1016)
