General

  • Target

    c3d82e6483787905d51e45b24b0def9a

  • Size

    113KB

  • Sample

    220808-x1g45sehhp

  • MD5

    c3d82e6483787905d51e45b24b0def9a

  • SHA1

    d9b89f6d7204b10d44e6c13a9f16f83b7c723e84

  • SHA256

    33193f0a73bc11cc6a3aef1fbe2d0957d042a8540df7242767906721f3347347

  • SHA512

    a8a6eb1ea674acbaa627ea03018db7c91ea3183d22e51a71f43b88c8ee472d61d090d3be07e2b7414298d767e5ec3fdfe93df0f36c4e04342538fa2a36978bc6

Score
10/10

Malware Config

Targets

    • Target

      c3d82e6483787905d51e45b24b0def9a

    Score
    9/10
    • Modifies the Watchdog daemon

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation