General

  • Target

    8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95.elf

  • Size

    122KB

  • Sample

    240402-bmh9dscd4w

  • MD5

    74ca17a962720262e4449302a1b295d7

  • SHA1

    90e9582e7bd4b5766899957a8cb5975124ebac7a

  • SHA256

    8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95

  • SHA512

    cd2bb89b171c83f4f2491c05411b85b1c854b941922e119880a8400fcacd1178a2035786049f1db51327d0c5e266c5c5773ac91e7f4749c0db0edb1a0f50ca24

  • SSDEEP

    3072:FDcYVLWKlAQTv+mYUbpl2m7/L7QsvmGugiNb:WYVxlAk9YUbH2m7/L7QsvmGugiNb

Score
10/10

Malware Config

Targets

    • Target

      8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95.elf

    • Size

      122KB

    • MD5

      74ca17a962720262e4449302a1b295d7

    • SHA1

      90e9582e7bd4b5766899957a8cb5975124ebac7a

    • SHA256

      8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95

    • SHA512

      cd2bb89b171c83f4f2491c05411b85b1c854b941922e119880a8400fcacd1178a2035786049f1db51327d0c5e266c5c5773ac91e7f4749c0db0edb1a0f50ca24

    • SSDEEP

      3072:FDcYVLWKlAQTv+mYUbpl2m7/L7QsvmGugiNb:WYVxlAk9YUbH2m7/L7QsvmGugiNb

    Score
    7/10
    • Changes its process name

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks