Analysis
max time kernel: 150s
max time network: 124s
platform: debian-9_mips
resource: debian9-mipsbe-20221111-en
resource tags: arch:mips image:debian9-mipsbe-20221111-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
submitted: 08-08-2023 16:31
General
Target: SecuriteInfo.com.Linux.Siggen.9999.28296.16277.elf
Size: 23KB
MD5: 8bad1155b556fca8d3d9433c87a9f0e1
SHA1: a20c79546003dc1d47190c67ff1e579ff5d20ca5
SHA256: 09081df20d420754042ac549b8abd72b004227b9ff269259643524d044f41ba1
SHA512: dc3c1cd5aa7d3a18a9ce39c2609565b42ea718adf6d7fec799bd2cae0b1330e9ca1a41da22a77dea29df2faaf1dee2662972b508380234a123424e818fe337cc
SSDEEP: 384:+8CiWwqONsP1gznEg78L7TZhedY5Mwbo/uTwqBTkWNDEvi+VqmfXFJgGlzDpH7uw:+riYONxD6Kx9uTt/NYvRVqeXFJgGlzDJ
Malware Config
Extracted
Family: mirai
Botnet: LZRD
Signatures

Modifies Watchdog functionality (1 TTPs, 2 IoCs)
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
Processes:
description                     ioc
File opened for modification    /dev/watchdog
File opened for modification    /dev/misc/watchdog

Writes file to system bin folder (1 TTPs, 2 IoCs)
Processes:
description                     ioc
File opened for modification    /bin/watchdog
File opened for modification    /sbin/watchdog
Downloads
memory/338-1-0x00400000-0x00451a58-memory.dmp