General

  • Target

    777f9c721144f75f7fc3590ef62866ca

  • Size

    27KB

  • Sample

    231220-bj6waadgbl

  • MD5

    777f9c721144f75f7fc3590ef62866ca

  • SHA1

    ab60b85d3a674cbbd3d3017a2ce09e7975ef5cf2

  • SHA256

    cbbb48bc0ef631887bb6129f33e8a8992460e877465b483cfd03ca1d53151064

  • SHA512

    d2dde5f7b091e23f02e367adca59326a5d2202859362d42b6fdf8891625c722be461bfa27671bbc13e0eae5435d7f0ea657b6b242d1ae9674033a29361bce87d

  • SSDEEP

    768:/MVuRufJ2zyW5/+I2dOzFkh+e37Ig4ilO1V0JgGlzDpbuR1Jy:UVuRTOo/fkh+e371lO1VsVJus

Score
9/10

Targets

    • Contacts a large (22873) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.
