enemybot | d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b | Triage

Submit
Reports

Overview

overview

Static

static

f86ee8fe2f...7b.elf

debian-9-mipsel

7

Sharing

General

Target

f86ee8fe2ff8cd8357dee139129f2f7b.elf
Size

271KB
Sample

240220-2q4bvaga4y
MD5

f86ee8fe2ff8cd8357dee139129f2f7b
SHA1

8bc18ec12361021dcd90b79edc3fd7778f6cab1b
SHA256

d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b
SHA512

00991734113b6d0a8c2fb9bc02195b1dbc87da69b23bc76af9971d8270a113e2a8710bc9bd70d59cb9aa60507887d92625418e17f44131118637178b154d569d
SSDEEP

6144:9NVVeGIMzGZAH7Q6aWb1RSv1iKGAMP80bjm:uwH7QBWBkv1iKGAMP80/m

Score

10^/10

enemybot gafgyt persistence

Static task

static1

enemybot gafgyt

4 signatures

Behavioral task

behavioral1

Sample

f86ee8fe2ff8cd8357dee139129f2f7b.elf

Resource

debian9-mipsel-20231222-en

debian-9-mipsel

3 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Targets

- Target
  
  f86ee8fe2ff8cd8357dee139129f2f7b.elf
- Size
  
  271KB
- MD5
  
  f86ee8fe2ff8cd8357dee139129f2f7b
- SHA1
  
  8bc18ec12361021dcd90b79edc3fd7778f6cab1b
- SHA256
  
  d244b3079b96110649dc0080adeab0d22e853bc3f979883d947626a361c25e9b
- SHA512
  
  00991734113b6d0a8c2fb9bc02195b1dbc87da69b23bc76af9971d8270a113e2a8710bc9bd70d59cb9aa60507887d92625418e17f44131118637178b154d569d
- SSDEEP
  
  6144:9NVVeGIMzGZAH7Q6aWb1RSv1iKGAMP80bjm:uwH7QBWBkv1iKGAMP80/m
Score

7^/10

persistence
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy