General

  • Target

    82b0eeead34ae5267f434b6fc0e6e7e5.elf

  • Size

    97KB

  • Sample

    240331-hj8s7sfd9t

  • MD5

    82b0eeead34ae5267f434b6fc0e6e7e5

  • SHA1

    bee4d6a6a6b409ec276f23c1d09aebb4335a721b

  • SHA256

    f2b0e2d630297e4ccfd2f52063b3bf83b8a6c9d94e65d983eb0d7378c4c48d64

  • SHA512

    8169215265024410a45eb14c5460de76b45335d6ff96d6a4659b0aad32c261e84d3a06a36eb7fa3f65d8fc8e81052d97c3028d242c015e5fc57fddbea1e02c29

  • SSDEEP

    3072:gjtwgA6UlYzZveohR9kIEGfdGZmmFVcqq0G27ZT:gjhzt3mIEGfAmmFVcqq0G27ZT

Score
10/10

Targets

    • Target

      82b0eeead34ae5267f434b6fc0e6e7e5.elf

    Score
    7/10
    • Changes its process name

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
