General

  • Target

    f9169ae0fd93d431222bbd754c7945b0

  • Size

    165KB

  • Sample

    220806-ymhzyscgc2

  • MD5

    f9169ae0fd93d431222bbd754c7945b0

  • SHA1

    b7313f847f76c537d3b6c2208ba15fcca9406e7a

  • SHA256

    e4aa41282c04fa1e0dcc15b2a7f2e5a6a744da73bfdca2739e84543fd9f4eb5a

  • SHA512

    26f06fff10d9c43fb9a76cbf51249f9646fe134e6962aa339cac96d5df84355324047b21ebb06bed1fdf2e8f8eac1e6318e10ee6fbd1f6ffcef771f158105fa1

Score
10/10

Malware Config

Targets

    Score
    9/10
    • Contacts a large number (323055) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the watchdog daemon

      Malware such as Mirai modifies the watchdog to prevent it from restarting an infected system.

    • Writes a file to the /tmp directory

      Malware often drops the files it needs in the /tmp directory.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Impair Defenses (T1562), 1 matching signature

  • Discovery

    Network Service Scanning (T1046), 2 matching signatures

Tasks