Executes dropped EXE

Modifies Watchdog functionality

Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Creates/modifies Cron job

Cron allows running tasks on a schedule, and is commonly used for malware persistence.

Creates/modifies environment variables

Creating/modifying environment variables is a common persistence mechanism.

Enumerates running processes

Discovers information about currently running processes on the system

Modifies init.d

Adds/modifies system service, likely for persistence.

Write file to user bin folder

Modifies Bash startup script