Overview

overview

9

Static

static

1

45.148.10....28.elf

ubuntu-18.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    45.148.10.78-x86-2024-06-28T114028.elf

  • Size

    72KB

  • Sample

    240701-mns1rswgle

  • MD5

    dadf4e3e338e80a2b6f51d6c63ea629a

  • SHA1

    fc37f9cc5ef1bda9d0c161a3ff6ece52c8ec026d

  • SHA256

    3cec54598d134f89f19dd9e5975bf346ed738a3019d24276a1a718cee964dcac

  • SHA512

    597e1e6fd9d484b94fb3210014623d17eb4df6c9d22a0e5a4d64f581f2629c6c9eced6e322d772e9312346684b0ea98f96241de7e333896ff580a865a05d71bf

  • SSDEEP

    1536:YAXO0raJdh9/qzl1n+e9jZrNA8Cl67YSMfyfKr:YAXXSZqzlh+eaBNxB

Score
9/10
discoverylinux

Malware Config

Targets

    • Target

      45.148.10.78-x86-2024-06-28T114028.elf

    • Size

      72KB

    • MD5

      dadf4e3e338e80a2b6f51d6c63ea629a

    • SHA1

      fc37f9cc5ef1bda9d0c161a3ff6ece52c8ec026d

    • SHA256

      3cec54598d134f89f19dd9e5975bf346ed738a3019d24276a1a718cee964dcac

    • SHA512

      597e1e6fd9d484b94fb3210014623d17eb4df6c9d22a0e5a4d64f581f2629c6c9eced6e322d772e9312346684b0ea98f96241de7e333896ff580a865a05d71bf

    • SSDEEP

      1536:YAXO0raJdh9/qzl1n+e9jZrNA8Cl67YSMfyfKr:YAXXSZqzlh+eaBNxB

    Score
    9/10
    discovery

    • Contacts a large (854698) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks