General

  • Target

    1355fb3c7924c6289f09b85a4094f469aa57ad9482465b54f80a5e3a9b11899a.elf

  • Size

    52KB

  • Sample

    240511-bfd14afa25

  • MD5

    b6556e6f0f2b0f1f5d0b401cbfc1520b

  • SHA1

    d3f1a225c0d407bf08e12acfab20c59325f10bd2

  • SHA256

    1355fb3c7924c6289f09b85a4094f469aa57ad9482465b54f80a5e3a9b11899a

  • SHA512

    56d5b63a298589ce141918e4d2141f6151ee031f77694979d77571bef75b3cf28c96a9632cb180f6d6cb3079a2cc8e5af285dfb63b9929212ba0ae3a1e29be13

  • SSDEEP

    768:+KXCCxb8IhdK4GrcvUmneUUOSyCX/GqiBJGuAHbADDDuRuUBVHPm89YiiL0mA3sN:+KSAhdk2UmeybqiyvbAD+RuBZwmLN

Targets

    Score
    9/10
    • Contacts a large number (1292277) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Deletes system logs

      Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
