Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240508-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    21-05-2024 01:03

General

  • Target

    1c970c16ed8c614f23761583e1135233b315a4153b52d8c1cffed9aa0abddab8.elf

  • Size

    170KB

  • MD5

    4efe945f9e1798078778681cec73bc02

  • SHA1

    9b08661e524a6d6e6b7077945f13ac3880700aa1

  • SHA256

    1c970c16ed8c614f23761583e1135233b315a4153b52d8c1cffed9aa0abddab8

  • SHA512

    abe8df80d93cc3a11cda83c50d8cf9fb771ea177a3aea59a26559ab6688add7b369dba38932a2ab257ad0a3d01289ceff67232f03d0cf7f1fb5036aa6c11f1fa

  • SSDEEP

    3072:e/eGibq3BRNvmovPKSgch4BqBoJMxhBSr23p+W8jDhmSpmRpByBqm+x:e/eGibq3BRFjvPXh2hJMxhBSgH8jA+mR

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware such as Mirai modifies the hardware watchdog so that it can no longer reboot an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 1 TTPs 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.
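The four signatures above are behavioural: each corresponds to a recognisable pattern of system calls. As an added example written for this page (not the sandbox vendor's detection logic, and not a trace captured from this run), the script below shows one way to derive those signatures from strace-style output. The embedded trace lines are constructed for illustration. The signature-to-syscall mapping is an assumption of this example; the watchdog rule matches the WDIOC_SETOPTIONS ioctl (raw value 0x80045704), which Mirai-family bots issue on /dev/watchdog or /dev/misc/watchdog with WDIOS_DISABLECARD.

```python
import re
from collections import defaultdict

# Constructed strace-style lines standing in for a trace of the sample.
# They are illustrative and are not output recorded from the sandbox run.
SAMPLE_TRACE = """\
openat(AT_FDCWD, "/proc/self/exe", O_RDONLY) = 3
openat(AT_FDCWD, "/dev/watchdog", O_WRONLY) = 4
ioctl(4, WDIOC_SETOPTIONS, [WDIOS_DISABLECARD]) = 0
close(4) = 0
openat(AT_FDCWD, "/proc", O_RDONLY|O_DIRECTORY) = 5
getdents64(5, /* 120 entries */, 32768) = 3072
openat(AT_FDCWD, "/proc/1/cmdline", O_RDONLY) = 6
close(6) = 0
openat(AT_FDCWD, "/proc/1500/cmdline", O_RDONLY) = 6
close(6) = 0
openat(AT_FDCWD, "/proc/meminfo", O_RDONLY) = 7
openat(AT_FDCWD, "/bin/.update", O_WRONLY|O_CREAT|O_TRUNC, 0755) = 8
"""

# Optional "[pid N]" and "HH:MM:SS.uuu" prefixes from strace -f / -tt are tolerated.
SYSCALL_RE = re.compile(
    r'^(?:\[pid\s+\d+\]\s+)?(?:\d{2}:\d{2}:\d{2}(?:\.\d+)?\s+)?'
    r'(?P<name>\w+)\((?P<args>.*)\)\s*=\s*(?P<ret>-?\w+)')
PATH_RE = re.compile(r'"([^"]*)"')

WATCHDOG_DEVICES = {"/dev/watchdog", "/dev/watchdog0", "/dev/misc/watchdog"}
# Symbolic name strace prints for the watchdog option ioctl, and its raw value
# _IOR('W', 4, int). Mirai issues it with WDIOS_DISABLECARD (1).
WATCHDOG_SETOPTIONS = ("WDIOC_SETOPTIONS", "0x80045704")
BIN_DIRS = ("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/")
WRITE_FLAGS = ("O_WRONLY", "O_RDWR", "O_CREAT")


def classify_trace(trace: str) -> dict:
    """Map each report signature to the trace lines (IoCs) that triggered it.

    Illustrative mapping written for this page, not the sandbox's own rules.
    File descriptors are tracked from open/close results so that an ioctl or
    getdents can be tied back to the path it was issued on."""
    hits = defaultdict(list)
    fd_path = {}          # open fd (as printed) -> path
    pids_seen = set()     # distinct /proc/<pid>/ entries opened
    for line in trace.splitlines():
        m = SYSCALL_RE.match(line)
        if not m:
            continue
        name, args, ret = m.group("name", "args", "ret")
        if name in ("open", "openat"):
            path_m = PATH_RE.search(args)
            if not path_m or ret.startswith("-"):
                continue  # failed open: nothing was actually accessed
            path = path_m.group(1)
            fd_path[ret] = path
            if path in WATCHDOG_DEVICES:
                hits["Modifies Watchdog functionality"].append(line)
            if path.startswith("/proc"):
                hits["Reads runtime system information"].append(line)
                pid_m = re.match(r"/proc/(\d+)/", path)
                if pid_m:
                    pids_seen.add(pid_m.group(1))
            if path.startswith(BIN_DIRS) and any(f in args for f in WRITE_FLAGS):
                hits["Writes file to system bin folder"].append(line)
        elif name == "ioctl":
            fd = args.split(",", 1)[0].strip()
            on_watchdog = fd_path.get(fd) in WATCHDOG_DEVICES
            if on_watchdog or any(tok in args for tok in WATCHDOG_SETOPTIONS):
                hits["Modifies Watchdog functionality"].append(line)
        elif name in ("getdents", "getdents64"):
            fd = args.split(",", 1)[0].strip()
            if fd_path.get(fd) == "/proc":
                hits["Enumerates running processes"].append(line)
        elif name == "close":
            fd_path.pop(args.strip(), None)
    if len(pids_seen) >= 2:
        # Reading several other processes' /proc entries is enumeration, not a self-check.
        hits["Enumerates running processes"].extend(
            l for l in hits["Reads runtime system information"] if re.search(r"/proc/\d+/", l))
    return dict(hits)


if __name__ == "__main__":
    for signature, iocs in classify_trace(SAMPLE_TRACE).items():
        print(f"{signature} ({len(iocs)} IoCs)")
        for ioc in iocs:
            print("   ", ioc)
```

Two details matter when applying this to a real trace: a failed open (negative return) must not count, otherwise a bot probing for a watchdog device that does not exist on the sandbox would be scored as having disabled it; and reads of a single /proc/<pid>/ entry are normal (a process checking itself), so enumeration is only claimed once several distinct PIDs are touched.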

Processes

  • /tmp/1c970c16ed8c614f23761583e1135233b315a4153b52d8c1cffed9aa0abddab8.elf
    Command line: /tmp/1c970c16ed8c614f23761583e1135233b315a4153b52d8c1cffed9aa0abddab8.elf
    PID: 1500
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information

Network

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence
    Hijack Execution Flow (T1574): 1
  • Privilege Escalation
    Hijack Execution Flow (T1574): 1
  • Defense Evasion
    Impair Defenses (T1562): 1
    Hijack Execution Flow (T1574): 1
