de0e4338b169b5aa1852305a6810384fd85f7d62567bf918f7be79c7e2012565 | Triage

Sharing

General

Target

z0r0.arm7
Size

54KB
Sample

211205-xgyb1sffb5
MD5

5e58fc8ba578c41a8c563e885e6efb0f
SHA1

625f25720957da07dc3cea31c491f6be3c3d1d91
SHA256

de0e4338b169b5aa1852305a6810384fd85f7d62567bf918f7be79c7e2012565
SHA512

821101f6c49e3964c4f08af7e81b69aaa01e4fe34f8936446f7aae8581976e9072a48f5536dd6e3cfe54eedb1eb20e4934d4cb2157473417009e6e4c10c26b91

Score

9^/10

linux

Malware Config

Targets

- Target
  
  z0r0.arm7
- Size
  
  54KB
- MD5
  
  5e58fc8ba578c41a8c563e885e6efb0f
- SHA1
  
  625f25720957da07dc3cea31c491f6be3c3d1d91
- SHA256
  
  de0e4338b169b5aa1852305a6810384fd85f7d62567bf918f7be79c7e2012565
- SHA512
  
  821101f6c49e3964c4f08af7e81b69aaa01e4fe34f8936446f7aae8581976e9072a48f5536dd6e3cfe54eedb1eb20e4934d4cb2157473417009e6e4c10c26b91
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1