Overview

overview

9

Static

static

bk.mips-20...18.elf

debian-9-mips

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    bk.mips-20221002-0218.elf

  • Size

    36KB

  • Sample

    221002-crvnnafbf7

  • MD5

    c324c1d06cbe9222ea5e15752d872495

  • SHA1

    b5f19df12aebcb65c17343417ca04e6e8a389611

  • SHA256

    2121f24355bf8a6f72f57d4d88c5a1b377bf1c1f7399cdaabbb8f390a69a1904

  • SHA512

    83c85c6b4716deaaec91de4e89eeee5461b1adf4976bd77c15cb5207be173e212d4ab0b3f15526d4fbf95081f477e1abcd31de011b916438ad4651b209a439df

  • SSDEEP

    768:KpF9EAIG+ENfeOXi8kyYy1Nl/zFEUNOJkWLOGpfR3JgGlzDpbuR1JP:KznI/ENf3j1Yy1BEqOJkTGpfHVJu9

Score
9/10
discovery

Malware Config

Targets

    • Target

      bk.mips-20221002-0218.elf

    • Size

      36KB

    • MD5

      c324c1d06cbe9222ea5e15752d872495

    • SHA1

      b5f19df12aebcb65c17343417ca04e6e8a389611

    • SHA256

      2121f24355bf8a6f72f57d4d88c5a1b377bf1c1f7399cdaabbb8f390a69a1904

    • SHA512

      83c85c6b4716deaaec91de4e89eeee5461b1adf4976bd77c15cb5207be173e212d4ab0b3f15526d4fbf95081f477e1abcd31de011b916438ad4651b209a439df

    • SSDEEP

      768:KpF9EAIG+ENfeOXi8kyYy1Nl/zFEUNOJkWLOGpfR3JgGlzDpbuR1JP:KznI/ENf3j1Yy1BEqOJkTGpfHVJu9

    Score
    9/10
    discovery

    • Contacts a large (37664) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks