Extracted

• • Target

    yxbitkdccc_.elf

  • Size

    611KB

  • MD5

    a2279a054fba006fd74c3b61ddc6a3ef

  • SHA1

    df2a4c91d86be560c7c19628923b601af460258d

  • SHA256

    ce0f1914e0f0748f85ecc18d8470de2a0b2b60be7eaab7a459899f77993e82e6

  • SHA512

    089bf2ef2926e6cdd93412ce006fb06cf8c75f60c9adb475c4798532b2214e083b4d1a6dd29b864a77c9744a953e67a40c2dc7195661682cfaa268c549e9cbe5

  • SSDEEP

    12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrryT6yF8EEP4UlUuTh1AR:FBXmkN/+Fhu/Qo4h9L+zNNyBVEBl/91I

  Score

  9^/10

  persistence

  • Writes file to system bin folder

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    persistence

  • Modifies rc script

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence

  • Write file to user bin folder

  • Reads runtime system information

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory

    Malware often drops required files in the /tmp directory.

  behavioral1