27f507ba8a6fb4e3fc1d14b38e82630f46d4f43b37e6c1387f350077d959bdb2 | Triage

Sharing

General

Target

998c2fc6f285ea476145fee75f90ec43
Size

18KB
Sample

220818-yzdwrsebe4
MD5

998c2fc6f285ea476145fee75f90ec43
SHA1

10a71e9ccfffece44e3f7e7e77d97e0cbf67d381
SHA256

27f507ba8a6fb4e3fc1d14b38e82630f46d4f43b37e6c1387f350077d959bdb2
SHA512

e3806ef6fa6c884fc12fe960bbbc113dc60194422bbb8dde5d3e204ac7f4d8357439f1d3e05ad448d82b34daf93e83e6ff7e861104a3e28bfb9954ff054f6bf6
SSDEEP

384:V+UHvoCNDxEcq8XPLxRysEKMfpLqtzZkPNpcBiFqcJcK:Vi+DCofEKMfBqtzopQsd

Score

9^/10

discovery linux

Malware Config

Targets

- Target
  
  998c2fc6f285ea476145fee75f90ec43
- Size
  
  18KB
- MD5
  
  998c2fc6f285ea476145fee75f90ec43
- SHA1
  
  10a71e9ccfffece44e3f7e7e77d97e0cbf67d381
- SHA256
  
  27f507ba8a6fb4e3fc1d14b38e82630f46d4f43b37e6c1387f350077d959bdb2
- SHA512
  
  e3806ef6fa6c884fc12fe960bbbc113dc60194422bbb8dde5d3e204ac7f4d8357439f1d3e05ad448d82b34daf93e83e6ff7e861104a3e28bfb9954ff054f6bf6
- SSDEEP
  
  384:V+UHvoCNDxEcq8XPLxRysEKMfpLqtzZkPNpcBiFqcJcK:Vi+DCofEKMfBqtzopQsd
Score

9^/10

discovery
- Contacts a large (112607) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1