71eaae0f694df766cf883bbf03a78aa7607bdd1fd2e7398628cd74504d1b877f | Triage

Sharing

General

Target

7c5fb1ac2c1973473627d508b79ac630.bin
Size

37KB
Sample

231223-cbpgpseacq
MD5

4dde81f1331c4389733db099a7adbc06
SHA1

aaba439cca1ffb00a1b8ea16d4b90e9a02444d6e
SHA256

71eaae0f694df766cf883bbf03a78aa7607bdd1fd2e7398628cd74504d1b877f
SHA512

817c679d3fc81b0f10f8e3de2c83bf798a30a2e5f5442c7161c30e543c8bf66bfa92fe8d99347bef7d2fdeb15848d26a4a9b59eca196eea497dd9b5a0e7eb0c1
SSDEEP

768:d5zTaNWzA+MIskv0/pSUl6AV41/3Toetb27wOEBE02DFSz4z:d5zWKdMIsk/UIAVQ/3TPJdBEzRw4z

Score

7^/10

Malware Config

Targets

- Target
  
  87eb6ffd7faa65040ddb4071cc3c0d71d357efea217a7e69d9a55bb0f6aaa284.elf
- Size
  
  84KB
- MD5
  
  7c5fb1ac2c1973473627d508b79ac630
- SHA1
  
  b8c93a9a17042a82a9d81e7ab2fd62c894482c32
- SHA256
  
  87eb6ffd7faa65040ddb4071cc3c0d71d357efea217a7e69d9a55bb0f6aaa284
- SHA512
  
  d66adcb9bedc38ca933f939a5ebc4b800c5bc4f79638c1a49d4b521b710aa972cf190e5a9d60dc6435c87c8d448219b0b8b726ea4aa95f9d98b486f683fed68e
- SSDEEP
  
  1536:sC2ruOIXs+NGmd4fIVDJZPJmoSRBv8+B52u5OOF4nb:5Ot+NGm8oDJOocvh2lnb
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1