General

  • Target

    x86.elf

  • Size

    114KB

  • Sample

    230404-hn73gadd72

  • MD5

    a51a9e6cb3be3542c29ae5cc9965537b

  • SHA1

    9f69f6ecde8de7f96ce99fab275d4da7d1293793

  • SHA256

    ef7e1b0aa597afc2a7aec157a317a5048a4e712c19785a4345c05c50e8e637c4

  • SHA512

    9ea24c30353fc988f221b39cc27cced786fa224e3695e2b66a1119cab9f90c3083c25360ed9b2f1261e26a75e97837079a462f40d04da9430a0d23fd358a358b

  • SSDEEP

    3072:uirMUYZMo/QJLRZDsqtxqLX5I/uJioud2yd1m7FnVqfJXoebNb:SKo/O8qtUbKbbm7FnVqfJXoebNb

Score
10/10

Targets

    • Target

      x86.elf

    Score
    9/10
    • Modifies the Watchdog daemon

      Malware like Mirai modifies the watchdog to prevent it from restarting an infected system.

    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
