4c04f8b68936da1eccf6f8989a7dd1b20deea8f9c751d14cf94cb51cef09f466 | Triage

Sharing

General

Target

865b330f60a487622ac84aa0cafd635b
Size

84KB
Sample

240201-jxdqnahagl
MD5

865b330f60a487622ac84aa0cafd635b
SHA1

1991ae1287c9d759733ecb7b7a93e8a9972c51bf
SHA256

4c04f8b68936da1eccf6f8989a7dd1b20deea8f9c751d14cf94cb51cef09f466
SHA512

b5a33a65b1e07c27ec75e88291798e51b6e38ace0b16649012f9f4fc36fc26a4e23d2c4ee7b11e020f06b03c4deab6fdaf3216c1d5612e1a5ec0d0781155b156
SSDEEP

1536:sC2ruOIXs+NGmd4fIVDJZPJmoSRBv8+B52u5OOF4Sb:5Ot+NGm8oDJOocvh2lSb

Score

7^/10

Malware Config

Targets

- Target
  
  865b330f60a487622ac84aa0cafd635b
- Size
  
  84KB
- MD5
  
  865b330f60a487622ac84aa0cafd635b
- SHA1
  
  1991ae1287c9d759733ecb7b7a93e8a9972c51bf
- SHA256
  
  4c04f8b68936da1eccf6f8989a7dd1b20deea8f9c751d14cf94cb51cef09f466
- SHA512
  
  b5a33a65b1e07c27ec75e88291798e51b6e38ace0b16649012f9f4fc36fc26a4e23d2c4ee7b11e020f06b03c4deab6fdaf3216c1d5612e1a5ec0d0781155b156
- SSDEEP
  
  1536:sC2ruOIXs+NGmd4fIVDJZPJmoSRBv8+B52u5OOF4Sb:5Ot+NGm8oDJOocvh2lSb
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1