5ecd12ffb5ada3d4aa6d8ac4a2461967a5e4edafe900f9ff4dcca6eb62f864d8 | Triage

Sharing

General

Target

888f31b9d247f3886c8a724e1a93f4fc.elf
Size

24KB
Sample

221128-hnmfrsdc95
MD5

888f31b9d247f3886c8a724e1a93f4fc
SHA1

af708b101a50a9df77b251ae979c40d6081a5ca7
SHA256

5ecd12ffb5ada3d4aa6d8ac4a2461967a5e4edafe900f9ff4dcca6eb62f864d8
SHA512

cb3be66f654b21024bf392b5c65a9ed1afd9253336065adfa2958a7d8b78df8f7a03dad2a90bdb7e384589ba61e3f8e29c5636039b841e52c0e0dc6e181e458e
SSDEEP

768:otrQlS07dEv0UXqUhvQE+CXQKMQKCXBpXgZqqWv8:iQlS07FUXqIYSXQKquIqs

Score

9^/10

Malware Config

Targets

- Target
  
  888f31b9d247f3886c8a724e1a93f4fc.elf
- Size
  
  24KB
- MD5
  
  888f31b9d247f3886c8a724e1a93f4fc
- SHA1
  
  af708b101a50a9df77b251ae979c40d6081a5ca7
- SHA256
  
  5ecd12ffb5ada3d4aa6d8ac4a2461967a5e4edafe900f9ff4dcca6eb62f864d8
- SHA512
  
  cb3be66f654b21024bf392b5c65a9ed1afd9253336065adfa2958a7d8b78df8f7a03dad2a90bdb7e384589ba61e3f8e29c5636039b841e52c0e0dc6e181e458e
- SSDEEP
  
  768:otrQlS07dEv0UXqUhvQE+CXQKMQKCXBpXgZqqWv8:iQlS07FUXqIYSXQKquIqs
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1