Overview

overview

10

Static

static

10

2a00fe6cc9...33.elf

ubuntu-18.04-amd64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    96907e07603b72cb03b5ca6eeaed7808.bin

  • Size

    48KB

  • Sample

    240306-cbjlfsha72

  • MD5

    e606eddda05d0899abbc3d34085ed823

  • SHA1

    9238bd9d9c4112dc98c2c62097f6b0a0e8dcf468

  • SHA256

    6db84a4b5ebd2dc71321b5ee57906d4c25df3579e98425339be0d74b2f3e20bb

  • SHA512

    abaaebfe768ac452b2f381239142a7dd81a887aec08e9c990c36c745f1ad82e8a5d007459c57b124c128116a9a914d22757508e528d913d6c19c6823ba8e034e

  • SSDEEP

    768:+In+DBsOeP/YNdUdH7aAY5mrgOqZpZf00nT9hMafm56Zh90t3oPZZsbioExzeVPU:+IEbenYoHOAymrH+ZB390tQoExyP3E

Score
10/10
gafgytlinux

Malware Config

Targets

    • Target

      2a00fe6cc98e25b9049b9adddbdad5fe5e693521de46c9592fa234d93a5bb733.elf

    • Size

      113KB

    • MD5

      96907e07603b72cb03b5ca6eeaed7808

    • SHA1

      0ca80cadd52271c7caaa05ab8a8edc2792d3d1e9

    • SHA256

      2a00fe6cc98e25b9049b9adddbdad5fe5e693521de46c9592fa234d93a5bb733

    • SHA512

      b97cabca7c7d912c470e6f08a24857031a542d6268f0cf812c7fd907cd970840259a57330f1c742ed065beed1567d90737eeef59b58f2ea2a4986504dc5b55ca

    • SSDEEP

      3072:kiry859a2ADJf9wHYqbgFFo8+HeAz+TRCm7FnVqfJXFWbNb:T9a2aLqkrMSsm7FnVqfJXFWbNb

    Score
    7/10

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks