General

  • Target

    8a11c1fda3651f497c3118231b23b33d

  • Size

    51KB

  • Sample

    231220-gqp41aegfr

  • MD5

    8a11c1fda3651f497c3118231b23b33d

  • SHA1

    c59fa0e022b875a2d9f216be607bd57f2be3c7e8

  • SHA256

    ec844ea9899b5a12f1f8320484f38288d6ca10d965d97d01702df26bd7ece2d7

  • SHA512

    d0c8569ebda4f2ba5bb789747be8bab3423f072adb4458a83521b38e9d9d9a7abd8b380df4542acc69fa70f9093aadbc57e3be61fcde18ee2cfb937b2a5ee0bd

  • SSDEEP

    768:8zpUCRAJ+ve4/8EfklWRs/3PvyS0KnBLr/YH66rA/LtsNpwsGD3U1EE1IIii/1yl:8n0+vey6SAPvp0KnM8hsYkKC1w

Score
7/10
upx

Targets

    • Target

      8a11c1fda3651f497c3118231b23b33d

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
