General

  • Target

    lok.arm7.elf

  • Size

    59KB

  • Sample

    230331-yd3yrsch42

  • MD5

    edb64280b729e3299ca43c99939161b9

  • SHA1

    530d42ad15f5da90cbbb700ca8a8d2005dc1471f

  • SHA256

    60628ba3c363a8719f43139402794a925059096ac987d12a3370d64f5be0dd5d

  • SHA512

    68550ed42b6774cfbf8e1821bcb19a35ffb3d1f46d25f452c04e973bfb2fa45cf45440429cbf3f6289b44041eb265983ed71f66b9aee9ee37b4c9315df9f35be

  • SSDEEP

    1536:QqPm6pbZMeQYXQBpqYtgU7ChRPwKL185HApNs:rmcaeQYXQl3AyKLOtH

Score
9/10

Targets

    • Target

      lok.arm7.elf

    • Contacts a large number (41276) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware such as Mirai modifies the watchdog so that it cannot reboot an infected system. On Linux this is typically done by opening /dev/watchdog (or /dev/misc/watchdog) and issuing the WDIOC_SETOPTIONS ioctl with WDIOS_DISABLECARD; an infected device that stays up, or that no longer reboots after the bot wedges it, is the visible effect.

    • Reads runtime system information

      Reads data from the /proc virtual filesystem (for example network configuration or process lists).

    • Writes file to tmp directory

      Malware often drops its payload and helper files in /tmp because it is writable on virtually every Linux device, including read-only embedded firmware.
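The five signatures above are behavioural, so the fastest way to confirm them on a new sample is from a syscall trace rather than from hashes. The following added triage script is not part of the sandbox report or of the sample; it maps strace-style lines onto the same five signatures. The trace lines are constructed (the sweep uses the TEST-NET ranges), the function names and the MANY_HOSTS threshold are assumptions, and WDIOC_SETOPTIONS/WDIOS_DISABLECARD are the real Linux watchdog ioctl constants that Mirai-family bots use.

```python
"""Map strace-style syscall traces onto the five behavioural signatures above.

Added triage example, not code from the sandbox report or from the sample.
The trace lines are constructed; MANY_HOSTS is a hypothetical threshold.
"""
import re
from collections import defaultdict


def ior(type_char, nr, size):
    """Linux _IOR(type, nr, size): direction bits 30..31 = 2 (read)."""
    return (2 << 30) | (size << 16) | (ord(type_char) << 8) | nr


# WDIOC_SETOPTIONS = _IOR('W', 4, int) = 0x80045704; WDIOS_DISABLECARD = 1.
# Mirai-family bots issue this ioctl on /dev/watchdog and /dev/misc/watchdog
# so the hardware watchdog stops rebooting the device they have infected.
WDIOC_SETOPTIONS = ior("W", 4, 4)
WDIOS_DISABLECARD = 0x1
WATCHDOG_PATHS = ("/dev/watchdog", "/dev/misc/watchdog")
MANY_HOSTS = 256  # hypothetical threshold; the report above saw 41276 hosts

OPEN_RE = re.compile(r'^(?:open|openat)\((?:AT_FDCWD, )?"([^"]+)", ([A-Z_|]+)[^)]*\) = (\d+)')
CLOSE_RE = re.compile(r"^close\((\d+)\)")
IOCTL_RE = re.compile(r"^ioctl\((\d+), (0x[0-9a-fA-F]+), (0x[0-9a-fA-F]+|\d+)\)")
CONNECT_RE = re.compile(
    r'^connect\(\d+, \{sa_family=AF_INET, sin_port=htons\((\d+)\), sin_addr=inet_addr\("([\d.]+)"\)'
)
WRITE_FLAGS = ("O_WRONLY", "O_RDWR", "O_CREAT")


def triage(lines):
    """Return ({signature: [evidence]}, distinct_hosts, connect_calls)."""
    hits = defaultdict(list)
    fd_path = {}  # open fd -> path, so an ioctl can be attributed to /dev/watchdog
    hosts, flows = set(), 0
    for line in lines:
        line = line.strip()
        if m := OPEN_RE.match(line):
            path, flags, fd = m.group(1), m.group(2), int(m.group(3))
            fd_path[fd] = path
            if path.startswith("/proc/"):
                hits["Reads runtime system information"].append(path)
            if path.startswith("/tmp/") and any(f in flags.split("|") for f in WRITE_FLAGS):
                hits["Writes file to tmp directory"].append(path)
        elif m := CLOSE_RE.match(line):
            fd_path.pop(int(m.group(1)), None)
        elif m := IOCTL_RE.match(line):
            fd, req, arg = int(m.group(1)), int(m.group(2), 16), int(m.group(3), 0)
            if fd_path.get(fd) in WATCHDOG_PATHS and req == WDIOC_SETOPTIONS and arg & WDIOS_DISABLECARD:
                hits["Modifies the Watchdog daemon"].append(fd_path[fd])
        elif m := CONNECT_RE.match(line):
            flows += 1
            hosts.add(m.group(2))
    if len(hosts) >= MANY_HOSTS:
        hits["Contacts a large amount of remote hosts"].append(f"{len(hosts)} hosts, {flows} flows")
    return dict(hits), len(hosts), flows


def constructed_trace():
    """Constructed strace-like lines (not a real capture of lok.arm7.elf)."""
    lines = [
        'openat(AT_FDCWD, "/dev/watchdog", O_WRONLY) = 3',
        "ioctl(3, 0x80045704, 0x1) = 0",
        'openat(AT_FDCWD, "/dev/misc/watchdog", O_WRONLY) = -1 ENOENT (No such file or directory)',
        'openat(AT_FDCWD, "/proc/net/route", O_RDONLY) = 4',
        "close(4) = 0",
        'openat(AT_FDCWD, "/tmp/.x", O_WRONLY|O_CREAT|O_TRUNC, 0777) = 4',
        "close(4) = 0",
    ]
    # Synthetic telnet sweep over the two TEST-NET /24s, plus one repeated host
    # so that distinct hosts (512) and connect() calls (513) differ.
    for net in ("203.0.113", "198.51.100"):
        for host in range(256):
            lines.append(
                f'connect(5, {{sa_family=AF_INET, sin_port=htons(23), sin_addr=inet_addr("{net}.{host}")}}, 16) = -1 EINPROGRESS (Operation now in progress)'
            )
    lines.append(lines[-1])
    return lines


if __name__ == "__main__":
    hits, hosts, flows = triage(constructed_trace())
    for sig, evidence in hits.items():
        print(f"{sig}: {evidence}")
    print(f"{hosts} distinct hosts, {flows} connect() calls")
```

Feed it `strace -f -e raw=ioctl` output from a QEMU user-mode run of the sample to reproduce the report's hits; the fd-to-path map is what lets a bare `ioctl(3, 0x80045704, ...)` be attributed to /dev/watchdog rather than to any other fd 3.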

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Impair Defenses (T1562), matched by 1 signature (the watchdog modification)

  • Discovery

    Network Service Scanning (T1046), matched by 2 signatures (the remote-host count and the network-flow count)
