General

  • Target

    eb3b0390f06a0c13383c7478f4f1a55520a31b8668141b3b2792c371e7bcba69.elf

  • Size

    1.8MB

  • Sample

    240601-ybhvtacg6v

  • MD5

    58b4e50467f3274b0776720f39b3c266

  • SHA1

    7785a1f3b5358b135a049bfe0b639920f604e09a

  • SHA256

    eb3b0390f06a0c13383c7478f4f1a55520a31b8668141b3b2792c371e7bcba69

  • SHA512

    c0f4ccd526c8dd55e4c010fb0ab656b9e635a17d26be30cd65115cb195270d3e03f3732a74f6ec29ad275c5aa33b4e1cdc7a45b4a16c85b26b59e08dc1889176

  • SSDEEP

    49152:sS+KYZ0dszqm4Q7HigqNX3BwQcxb40fzqk:sS+vZ0dsf7HigqbHqr

Targets

    • Contacts a large (912950) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.
