a8843447d9a33e91717659caf63ae57dd320261736535d23cf93ca7d0f159d83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8843447d9a33e91717659caf63ae57dd320261736535d23cf93ca7d0f159d83.elf
Size

58KB
Sample

240213-e6jk2sbf84
MD5

c3cda06b089c5b66d4ce9aadad0e9664
SHA1

6470f9998a06aa520d051411751a60380a304b18
SHA256

a8843447d9a33e91717659caf63ae57dd320261736535d23cf93ca7d0f159d83
SHA512

31382cab9008419f5a1828df613d8d4accabac05541c8f64319ea67745b580852bbf6ef469d73c4d634b70576e4992fd740fc0eca4054c02dbaf064f4e3f603c
SSDEEP

1536:ftnHSjiyUhIQehenss59bJ0fawbeNl1fibyZr4HpD:x17hTss59bJ0fax6yZrED

Score

7^/10

Malware Config

Targets

- Target
  
  a8843447d9a33e91717659caf63ae57dd320261736535d23cf93ca7d0f159d83.elf
- Size
  
  58KB
- MD5
  
  c3cda06b089c5b66d4ce9aadad0e9664
- SHA1
  
  6470f9998a06aa520d051411751a60380a304b18
- SHA256
  
  a8843447d9a33e91717659caf63ae57dd320261736535d23cf93ca7d0f159d83
- SHA512
  
  31382cab9008419f5a1828df613d8d4accabac05541c8f64319ea67745b580852bbf6ef469d73c4d634b70576e4992fd740fc0eca4054c02dbaf064f4e3f603c
- SSDEEP
  
  1536:ftnHSjiyUhIQehenss59bJ0fawbeNl1fibyZr4HpD:x17hTss59bJ0fax6yZrED
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1