Resubmissions

08/01/2024, 09:20

240108-lawn3afhd3 7

General

  • Target

    1c586ad31dcba128cced4797f23fd8d3f1bb04c44abbfdba3cb3844fc87c21db.elf

  • Size

    5.0MB

  • Sample

    240108-lawn3afhd3

  • MD5

    14be5f004bc5e7a33c3057df92ad9a16

  • SHA1

    3f1ef27c55ca816b285fb1be4ef6db3af94a1f32

  • SHA256

    1c586ad31dcba128cced4797f23fd8d3f1bb04c44abbfdba3cb3844fc87c21db

  • SHA512

    5b5a34bc067296caa6d71df57085867a47d9b3b7f0d2fd78ddbb62bd87ae4a5974f1423d1b05b924a824124513dd767422333d5774b3ee1825f7366ffdd62ee1

  • SSDEEP

    49152:E33d0lGt6UHcFL7Rn2o03wiEhiDmzzd/9sARlBs/00Cpfx9a9uNYp9hW16klbU6V:E33GlbU8FwmzzRDZ9mjqRV

Score
7/10

Malware Config

Targets

    • Target

      1c586ad31dcba128cced4797f23fd8d3f1bb04c44abbfdba3cb3844fc87c21db.elf

    Score
    7/10
    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Creates/modifies environment variables

      Creating/modifying environment variables is a common persistence mechanism.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Reads CPU attributes

    • Modifies Bash startup script
