acf7bd2d231a075090b23bbe305ce4b3207bd5d0c88d7b9bbbf8fe8d5a54a1ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

softbot.mips.elf
Size

79KB
Sample

230923-yw4ysaac4v
MD5

7a2447eb4cc11565ae926d0aa75bfe3a
SHA1

9bd7d0ddc5b469cd59ee09e35d6a34ac23480e70
SHA256

acf7bd2d231a075090b23bbe305ce4b3207bd5d0c88d7b9bbbf8fe8d5a54a1ff
SHA512

42b221a42d0aa96b4861737da25148048e8c87651cbdb343e5877ea75ce9aa683affe675ff7b488746007844a1a449cd27947ac791f7cc23077a4a2268d1acec
SSDEEP

1536:ppFcbuIhXI7RNt0cf35L7sgkc7Nw5TetYXkuI3h:pF0cf35L7sgkCNi5XkuS

Score

7^/10

Malware Config

Targets

- Target
  
  softbot.mips.elf
- Size
  
  79KB
- MD5
  
  7a2447eb4cc11565ae926d0aa75bfe3a
- SHA1
  
  9bd7d0ddc5b469cd59ee09e35d6a34ac23480e70
- SHA256
  
  acf7bd2d231a075090b23bbe305ce4b3207bd5d0c88d7b9bbbf8fe8d5a54a1ff
- SHA512
  
  42b221a42d0aa96b4861737da25148048e8c87651cbdb343e5877ea75ce9aa683affe675ff7b488746007844a1a449cd27947ac791f7cc23077a4a2268d1acec
- SSDEEP
  
  1536:ppFcbuIhXI7RNt0cf35L7sgkc7Nw5TetYXkuI3h:pF0cf35L7sgkCNi5XkuS
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1