General

  • Target

    76ada34bf673094ebd01adb2d59fcece

  • Size

    134KB

  • Sample

    231220-bavfwsgcb2

  • MD5

    76ada34bf673094ebd01adb2d59fcece

  • SHA1

    0c13416fc57e2ac6e2fa113b4a67b6860ba575a9

  • SHA256

    1cbab2020d4136bc2ba83f0db5dfe717f4a5cbf050e95e6b5de18ed00e69bf59

  • SHA512

    68019ace5efcfcaae3c601efd04563c8141e950dc4942bdef01c12b223b154963b2a51acfd27cdf2f06494707ca9082e90c9334ecf4cbb317e1f71e53197b3fe

  • SSDEEP

    3072:4ZQZY32coHADuezsYHVOncO880kkGJ0kwLto3mNoMVqF4fF2t6:1BczDlzs8Ocb88Q3mNoMVqF4fF2t6

Score
10/10

Targets

    Score
    9/10
    • Contacts a large (46864) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
