Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231221-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20231221-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    20-02-2024 22:48

General

  • Target

    d128cd316b18328301e7127f59d16a02.elf

  • Size

    168KB

  • MD5

    d128cd316b18328301e7127f59d16a02

  • SHA1

    26bae1e3ec8d4043b3c0c0c68d6c538782856eca

  • SHA256

    3f1389bc57d457bf9dfc0cd70ddd2fba878eea14db51bb54944579fb85990d8e

  • SHA512

    93ded5471caf892b1ce5049363468c65b92c03365f048f064e2ade2190f7a913c70c497eca62d8d0ff6b4fc758bb6b4ce37363fc56fd37737bf8f269243740fe

  • SSDEEP

    3072:8PSi28gcKeX9BCHDd4tccPifbAI9XYM2bkzBe/B+hVn8vWQcY1EKk5WcTM:B8gSGd4pPCf9XY1Ke/ghZ8vWQcY1EKkM

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Creates/modifies Cron job 1 TTPs 1 IoCs

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/d128cd316b18328301e7127f59d16a02.elf
    /tmp/d128cd316b18328301e7127f59d16a02.elf
    • Creates/modifies Cron job
    PID:1549

Network

MITRE ATT&CK Enterprise v15

Downloads