General

  • Target

    f17662f9f6284fe900205f01a2f81bf4.elf

  • Size

    194KB

  • Sample

    240715-yj82zaweqp

  • MD5

    f17662f9f6284fe900205f01a2f81bf4

  • SHA1

    8af3e3ec82cfa9d75978b84cfe046d5dd7cd3ec9

  • SHA256

    3ed9d6a4a1975c8081f34181a13fbb901049d08a962581452b14ca359276eddd

  • SHA512

    b7eb691da039fdb33e025ccaf8552315089e75ee3b41e94c21e656a5424140e8b28ddffebdb07efbdf16f834598c37c805080740cfed905f03e8f6576248c2d6

  • SSDEEP

    1536:RJxq+ProTHEfzRDr9m37bicQxnn6VRAWfYJejAIOeY5arwe39nMZS4WejJFxgaTs:7JoqXG78lUAW3H3RMHTxgCF7rzjG

Score
10/10

Targets

    • Target

      f17662f9f6284fe900205f01a2f81bf4.elf

    Score
    9/10
    • Contacts a large (348841) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Writes file to system bin folder
