ccaac714876d6c0609effefc4e61551ef109281cd9e266b05cbe79264c1d39b8 | Triage

Sharing

General

Target

dea5489e5cb3966e64ed6c8cc1808d28
Size

22KB
Sample

220822-dklb3saagp
MD5

dea5489e5cb3966e64ed6c8cc1808d28
SHA1

8a66c7c20093d4e6ccb2a6db29f7321d40a80cfa
SHA256

ccaac714876d6c0609effefc4e61551ef109281cd9e266b05cbe79264c1d39b8
SHA512

df3dc1eaa3d5d68d8c4e42c14694b9a215b1997fabfbfed1f00d2cc56315a46d206072259d22e49207b22f6646163c6a0302dff55e1e82f63063b327963db8df
SSDEEP

384:pDYC95A2rM7RjFrvX2V6H2XJ8LaHYsbXPhiM4HhBJhpExUC03uhHB3QJmRxj+cuK:pDZ5Dw7RjFjcU+O24sDj4HhrhpEguX3p

Score

9^/10

linux

Malware Config

Targets

- Target
  
  dea5489e5cb3966e64ed6c8cc1808d28
- Size
  
  22KB
- MD5
  
  dea5489e5cb3966e64ed6c8cc1808d28
- SHA1
  
  8a66c7c20093d4e6ccb2a6db29f7321d40a80cfa
- SHA256
  
  ccaac714876d6c0609effefc4e61551ef109281cd9e266b05cbe79264c1d39b8
- SHA512
  
  df3dc1eaa3d5d68d8c4e42c14694b9a215b1997fabfbfed1f00d2cc56315a46d206072259d22e49207b22f6646163c6a0302dff55e1e82f63063b327963db8df
- SSDEEP
  
  384:pDYC95A2rM7RjFrvX2V6H2XJ8LaHYsbXPhiM4HhBJhpExUC03uhHB3QJmRxj+cuK:pDZ5Dw7RjFjcU+O24sDj4HhrhpEguX3p
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Impair Defenses

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1