General

  • Target

    a9dbdd95ebd8c9e6fb7de29c21103ddba18a62f2393bfa7ba365a491e37b342a.elf

  • Size

    139KB

  • Sample

    240402-bpflaada35

  • MD5

    c161f9d73ca2e53a130680b762579df5

  • SHA1

    ff2830f335be7d73692dff80072c46d9a244576b

  • SHA256

    a9dbdd95ebd8c9e6fb7de29c21103ddba18a62f2393bfa7ba365a491e37b342a

  • SHA512

    4b2ccdeb1b2e4235c175f4ef1a4054fd2c3449b03fdaa55c85fa92b2efefd68eb37b7c64222d3a43aefbbcefabf6ba487898b2a6931c67df1e2caf1462040269

  • SSDEEP

    3072:Z41HOuaGVV3NfHUOjqyldqCw3jkmhxQwoVZUNu:Ze3aGVVdqyldq1jkmhxQwoVZUNu

Score
10/10

Targets

    • Target

      a9dbdd95ebd8c9e6fb7de29c21103ddba18a62f2393bfa7ba365a491e37b342a.elf

    Score
    7/10
    • Changes its process name

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
