c6946ab8cef1cda51158c75f957192b0bdfd9f40228887fd3e586bd34b9898c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd67b26ea74ce16a168ba9b7f8d0f766.elf
Size

45KB
Sample

220912-x9jpbshgej
MD5

dd67b26ea74ce16a168ba9b7f8d0f766
SHA1

583a2536bf93d7cdab8b7b8d94df8082ad18b49b
SHA256

c6946ab8cef1cda51158c75f957192b0bdfd9f40228887fd3e586bd34b9898c8
SHA512

203effeb2e1bda4d3386e9e747f4efe2fe848ea132cc7275c5fa88e22ca0bce85a530f09c2957bf778da42b5c90f488ecbb21804d49a4f22aab865445dab8777
SSDEEP

768:D/TYCoIxdEk+AxoTZAZHFeq8b3Fe/9q3UELbUXfi6nVMQHI4vcGpvv:DECFd+A6YHAxFDLRQZv

Score

9^/10

Malware Config

Targets

- Target
  
  dd67b26ea74ce16a168ba9b7f8d0f766.elf
- Size
  
  45KB
- MD5
  
  dd67b26ea74ce16a168ba9b7f8d0f766
- SHA1
  
  583a2536bf93d7cdab8b7b8d94df8082ad18b49b
- SHA256
  
  c6946ab8cef1cda51158c75f957192b0bdfd9f40228887fd3e586bd34b9898c8
- SHA512
  
  203effeb2e1bda4d3386e9e747f4efe2fe848ea132cc7275c5fa88e22ca0bce85a530f09c2957bf778da42b5c90f488ecbb21804d49a4f22aab865445dab8777
- SSDEEP
  
  768:D/TYCoIxdEk+AxoTZAZHFeq8b3Fe/9q3UELbUXfi6nVMQHI4vcGpvv:DECFd+A6YHAxFDLRQZv
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1