Overview

overview

9

Static

static

82c426d9b8...f6ebcf

linux_armhf

82c426d9b8...f6ebcf

linux_mips

9

82c426d9b8...f6ebcf

linux_mipsel

82c426d9b8...f6ebcf

linux_amd64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    82c426d9b8843f279ab9d5d2613ae874d0c359c483658d01e92cc5ac68f6ebcf

  • Size

    148KB

  • Sample

    220219-qrwslsadg3

  • MD5

    d38cc4879fe0bc66cb8e772b28fbfd15

  • SHA1

    f9415ecc8dbfac555b14378000bafaefc820947c

  • SHA256

    82c426d9b8843f279ab9d5d2613ae874d0c359c483658d01e92cc5ac68f6ebcf

  • SHA512

    b5e7df3093e9b2c327839b115c2be09aec617208d9369b7edf0c3e380f6aa390bda2780789707d561015f82e5880fcf26cffbe5d435c771c49dd401f1542896d

Score
9/10
linux

Malware Config

Targets

    • Target

      82c426d9b8843f279ab9d5d2613ae874d0c359c483658d01e92cc5ac68f6ebcf

    • Size

      148KB

    • MD5

      d38cc4879fe0bc66cb8e772b28fbfd15

    • SHA1

      f9415ecc8dbfac555b14378000bafaefc820947c

    • SHA256

      82c426d9b8843f279ab9d5d2613ae874d0c359c483658d01e92cc5ac68f6ebcf

    • SHA512

      b5e7df3093e9b2c327839b115c2be09aec617208d9369b7edf0c3e380f6aa390bda2780789707d561015f82e5880fcf26cffbe5d435c771c49dd401f1542896d

    Score
    9/10

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

1
T1562

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks