Resubmissions
09-04-2024 08:37
240409-kjmxvaeb2s 1009-04-2024 08:37
240409-kjmbbaag86 1009-04-2024 08:37
240409-kjlpsaea91 1007-02-2024 14:38
240207-rzqr1ahge3 10Analysis
-
max time kernel
1199s -
max time network
1201s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240226-en -
resource tags
-
submitted
09-04-2024 08:37
General
-
Target
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
-
Size
168KB
-
MD5
635310bf9fce382320b3ee8716a1424f
-
SHA1
e80ec55bfb60d8629d887e07f925adcc09edd301
-
SHA256
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b
-
SHA512
7889bb91634d2dbaa7c5eb70314f7d80590fc770cb31e178c547f38a0ccccd6c297d831b687589126316ea80d8a237ccd6afc4e0b41b8103b0ad9c6575a6cd88
-
SSDEEP
3072:8PSi28gcKeX9BCxDFwlcgPifbAIBXYM2bkzBe/B+NJP8vWQcY1EKk5WcTM:B8gSsFwdPCfBXY1Ke/gNN8vWQcY1EKkM
Score
7/10
Malware Config
Signatures
-
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Creates/modifies Cron job 1 TTPs 1 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf/tmp/4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf1⤵
- Creates/modifies Cron job