a8f7eaf999eb6cc8461f785fad13da30315da80b534cae047c5811bbea3351e3 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

SecuriteIn...17.elf

debian-9-armhf

9

Analysis

max time kernel
149s
max time network
151s
platform
debian-9_armhf
resource
debian9-armhf-20221125-en
resource tags

arch:armhfimage:debian9-armhf-20221125-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
15-05-2023 08:32

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.Linux.Generic.270053.1311.22417.elf

Resource

debian9-armhf-20221125-en

debian-9-armhf

1 signatures

150 seconds

Report Analysis Logs

General

Target

SecuriteInfo.com.Trojan.Linux.Generic.270053.1311.22417.elf
Size

77KB
MD5

33d2ae1f5cee2a033be5bb8447296816
SHA1

8a66979a5ac882dd228ef3b036c1e50e3b16c974
SHA256

a8f7eaf999eb6cc8461f785fad13da30315da80b534cae047c5811bbea3351e3
SHA512

48e4d8b303b82547b9b24dd1b8d84d5b513880a31b2a6799f842df3fa5b744006a34f09258b3f5bb714ba4fb00e6a9778d385400399cd0f7c7d9edf830d75f00
SSDEEP

1536:B3+IYXCJDHFMFjEPL75tQ6h4e2+K/ZKTishko14nTJuP:h+HXs51tQe4PUT

Score

9^/10

Malware Config

Signatures

Modifies the Watchdog daemon 1 TTPs
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

Impair Defenses
T1562

Processes

/tmp/SecuriteInfo.com.Trojan.Linux.Generic.270053.1311.22417.elf
/tmp/SecuriteInfo.com.Trojan.Linux.Generic.270053.1311.22417.elf
1⤵
PID:362

iptables
iptables -C OUTPUT -p tcp --tcp-flags RST RST -j DROP --sport 50000:55000
1⤵
PID:364

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy