8459dcccc75f3a5ee56579ffdc93c8fb31c4b724e462163818a35f4f11bebcfc | Triage

Sharing

General

Target

71c7ff9c4d21858392ae494849f4cb74.elf
Size

42KB
Sample

240201-nevcxadhcj
MD5

71c7ff9c4d21858392ae494849f4cb74
SHA1

77e89964b08a928f59598f02cdb5117d21509e63
SHA256

8459dcccc75f3a5ee56579ffdc93c8fb31c4b724e462163818a35f4f11bebcfc
SHA512

8f911520791daaeb41d12d2f0e5f0a3a13b136f302c3aa9d3a7eb42168ee9427e9956230591d4b63f7e9b813d42ea330f4d41921b224fdd7a38f4d432eaae492
SSDEEP

768:i5g4AoHmzoEFm0wDkKEt732AMlQrD8PBjV3IQQBF55h94bedLWnQLvrn1G8WfO7:2bNmo0x1MtPBhYQQBv5IQzDXV7

Score

7^/10

Malware Config

Targets

- Target
  
  71c7ff9c4d21858392ae494849f4cb74.elf
- Size
  
  42KB
- MD5
  
  71c7ff9c4d21858392ae494849f4cb74
- SHA1
  
  77e89964b08a928f59598f02cdb5117d21509e63
- SHA256
  
  8459dcccc75f3a5ee56579ffdc93c8fb31c4b724e462163818a35f4f11bebcfc
- SHA512
  
  8f911520791daaeb41d12d2f0e5f0a3a13b136f302c3aa9d3a7eb42168ee9427e9956230591d4b63f7e9b813d42ea330f4d41921b224fdd7a38f4d432eaae492
- SSDEEP
  
  768:i5g4AoHmzoEFm0wDkKEt732AMlQrD8PBjV3IQQBF55h94bedLWnQLvrn1G8WfO7:2bNmo0x1MtPBhYQQBv5IQzDXV7
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1