General

  • Target

    25d8d5b4a3fdb428d08555641b9fd97b2b3294c17b5e11ecf22f1ecabb1a5a29.elf

  • Size

    51KB

  • Sample

    240505-benh5she7x

  • MD5

    4b80c6c18aac27625434f6817fd951fd

  • SHA1

    69cd4f920dec679fe6daef4d5f2939e74060a4d4

  • SHA256

    25d8d5b4a3fdb428d08555641b9fd97b2b3294c17b5e11ecf22f1ecabb1a5a29

  • SHA512

    7f7537faafdd7cf941239a90ab0a37a2d99afa3146f1960c6c6ce567d5224a8a57c7719b97494bf44e370826a9839eb0ec703fde7cbd6820b47045230568b6e8

  • SSDEEP

    768:O/4+VFnQBt9dv5Fjzr8GO1S5W46aN1RqSQdDqfopSF7koYZSt8hcw5gsQGIe33s:mVFnQnQ74bCvdVEIDStI2sMeMA

Score
9/10

Targets

    • Target

      25d8d5b4a3fdb428d08555641b9fd97b2b3294c17b5e11ecf22f1ecabb1a5a29.elf

    Score
    9/10
    • Contacts a large (1308910) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Renames itself

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder
