14118093cf16f93a86ff29c5bce11f7ff7f9cc5c7ba20f12e6368c7075915668 | Triage

Sharing

General

Target

NEAS.14118093cf16f93a86ff29c5bce11f7ff7f9cc5c7ba20f12e6368c7075915668elf_JC.elf
Size

86KB
Sample

231015-rjnygahf26
MD5

f621331783c1d2f65f2a42857fc4aea5
SHA1

cb57892abea2dae13c5e18e715c9d60d298f02a3
SHA256

14118093cf16f93a86ff29c5bce11f7ff7f9cc5c7ba20f12e6368c7075915668
SHA512

30a6a12ead663f73ee96949ea422f29695ada81e12f2e019896c17f42c58f49f68eaa7bf6ff7493094c08edcc31dd014d199c8f164d846a5669c803d68161f96
SSDEEP

1536:Y1n4c5QX0ZHQCO7WRWtn6oCpEXYgs0XI16EzTAelvyoNib6lathqZtY7C8c+P:uO7v0kXYgs0416ET46lathqzd8c+P

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.14118093cf16f93a86ff29c5bce11f7ff7f9cc5c7ba20f12e6368c7075915668elf_JC.elf
- Size
  
  86KB
- MD5
  
  f621331783c1d2f65f2a42857fc4aea5
- SHA1
  
  cb57892abea2dae13c5e18e715c9d60d298f02a3
- SHA256
  
  14118093cf16f93a86ff29c5bce11f7ff7f9cc5c7ba20f12e6368c7075915668
- SHA512
  
  30a6a12ead663f73ee96949ea422f29695ada81e12f2e019896c17f42c58f49f68eaa7bf6ff7493094c08edcc31dd014d199c8f164d846a5669c803d68161f96
- SSDEEP
  
  1536:Y1n4c5QX0ZHQCO7WRWtn6oCpEXYgs0XI16EzTAelvyoNib6lathqZtY7C8c+P:uO7v0kXYgs0416ET46lathqzd8c+P
Score

7^/10
- Flushes firewall rules
  Flushes/ disables firewall rules inside the Linux kernel.
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1