4f59795c2912a86f7de9c22fd9e9f03d512d8ad8703266b5e66d19d791b19d7e | Triage

Sharing

General

Target

866f7339748c170108fc8bf1026caa2b
Size

22KB
Sample

220816-wnk5lafcd6
MD5

866f7339748c170108fc8bf1026caa2b
SHA1

7fc02ccf88a91a24f23bd4a5201051047ae6e575
SHA256

4f59795c2912a86f7de9c22fd9e9f03d512d8ad8703266b5e66d19d791b19d7e
SHA512

fd8afdc020980e80e27ef5718f28e878a39c51b13f557cffd1dd3e69d50f6656d1d759090673968a91eb8f1284393ef78b22feb0669c030ff7e65d3c05441778
SSDEEP

384:UDYC95A2rM7RjFrvX2V6H2XJ8LaHYsbX1chiM4HhBJhpExUC03uhHB3QJmRxoLjB:UDZ5Dw7RjFjcU+O24sDS4HhrhpEguX3+

Score

9^/10

linux

Malware Config

Targets

- Target
  
  866f7339748c170108fc8bf1026caa2b
- Size
  
  22KB
- MD5
  
  866f7339748c170108fc8bf1026caa2b
- SHA1
  
  7fc02ccf88a91a24f23bd4a5201051047ae6e575
- SHA256
  
  4f59795c2912a86f7de9c22fd9e9f03d512d8ad8703266b5e66d19d791b19d7e
- SHA512
  
  fd8afdc020980e80e27ef5718f28e878a39c51b13f557cffd1dd3e69d50f6656d1d759090673968a91eb8f1284393ef78b22feb0669c030ff7e65d3c05441778
- SSDEEP
  
  384:UDYC95A2rM7RjFrvX2V6H2XJ8LaHYsbX1chiM4HhBJhpExUC03uhHB3QJmRxoLjB:UDZ5Dw7RjFjcU+O24sDS4HhrhpEguX3+
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1