8c8e3cbf2f4151cb1e925282ae540c0d435069d62b9cb6d8af520ebb92f6f3fb | Triage

Sharing

General

Target

8c8e3cbf2f4151cb1e925282ae540c0d435069d62b9cb6d8af520ebb92f6f3fb.elf
Size

34KB
Sample

240213-dspz8sgd26
MD5

4d02d7585e2a049446aac1f71eedadbc
SHA1

499a192145ee318fbb989ccb85e3bed0bef9b994
SHA256

8c8e3cbf2f4151cb1e925282ae540c0d435069d62b9cb6d8af520ebb92f6f3fb
SHA512

4ed1c308d35e07aa6fb090f2c0dd334a2bbb9b5b98aa6937809e3e250007a937040032486d7b3d46c8e01ed7cded4e7ff3d93e9574618b9c5c0684b40175e0f1
SSDEEP

768:WflrswNT4Cixxbaf0r+XUc6Rx9zlUp41tWvKfOr:QTixxbMBUc0jzlUetK

Score

7^/10

upx

Malware Config

Targets

- Target
  
  8c8e3cbf2f4151cb1e925282ae540c0d435069d62b9cb6d8af520ebb92f6f3fb.elf
- Size
  
  34KB
- MD5
  
  4d02d7585e2a049446aac1f71eedadbc
- SHA1
  
  499a192145ee318fbb989ccb85e3bed0bef9b994
- SHA256
  
  8c8e3cbf2f4151cb1e925282ae540c0d435069d62b9cb6d8af520ebb92f6f3fb
- SHA512
  
  4ed1c308d35e07aa6fb090f2c0dd334a2bbb9b5b98aa6937809e3e250007a937040032486d7b3d46c8e01ed7cded4e7ff3d93e9574618b9c5c0684b40175e0f1
- SSDEEP
  
  768:WflrswNT4Cixxbaf0r+XUc6Rx9zlUp41tWvKfOr:QTixxbMBUc0jzlUetK
Score

7^/10
- Flushes firewall rules
  Flushes/ disables firewall rules inside the Linux kernel.
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1