ea0d3d26968d03d831e8d87c9a078540cdd56784492e4871fc0550e681319c1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac7cbd47c811bab61a2bf6344b6f6692.elf
Size

913KB
Sample

240409-pt2wzafb25
MD5

ac7cbd47c811bab61a2bf6344b6f6692
SHA1

ac41e31cd41ee5aaa45a98e9ec11ad1d41c1e1cc
SHA256

ea0d3d26968d03d831e8d87c9a078540cdd56784492e4871fc0550e681319c1e
SHA512

6a11c779675b751670166b20781e6bbd9c22124e4907c9a8f5abdec23da85c3a61915f241c8bcd0f7135caa57a8a6f8622d1a296a591115ce4a73ac01be8dc2b
SSDEEP

24576:T8InNGiNY4kl6dP2w6U/G+3xnNzIMk2lcigFaj:v04a6dew6U/R3xVLk2WLFaj

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  ac7cbd47c811bab61a2bf6344b6f6692.elf
- Size
  
  913KB
- MD5
  
  ac7cbd47c811bab61a2bf6344b6f6692
- SHA1
  
  ac41e31cd41ee5aaa45a98e9ec11ad1d41c1e1cc
- SHA256
  
  ea0d3d26968d03d831e8d87c9a078540cdd56784492e4871fc0550e681319c1e
- SHA512
  
  6a11c779675b751670166b20781e6bbd9c22124e4907c9a8f5abdec23da85c3a61915f241c8bcd0f7135caa57a8a6f8622d1a296a591115ce4a73ac01be8dc2b
- SSDEEP
  
  24576:T8InNGiNY4kl6dP2w6U/G+3xnNzIMk2lcigFaj:v04a6dew6U/R3xVLk2WLFaj
Score

7^/10

evasion
- Deletes itself
- Executes dropped EXE
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads MAC address of network interface
  Fetches the MAC address of active network interfaces. May be used to detect known values for hypervisors.
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1