General

  • Target

    jade.x86.elf

  • Size

    100KB

  • Sample

    240809-k4q51aseqa

  • MD5

    b4789862a550ccd2559a44cbc76f4f75

  • SHA1

    f02cc37bed3bedde430ccad245f52071c334948a

  • SHA256

    971121bd9ac7bd5cbac00a45cdf40a8e6269f87857fe57ffbb47d4f6c40ed004

  • SHA512

    58cf1cb1a390d4d94b0cd89a866802987a7b0a7f373dc07cf15169426d80e795d0db2700dd4ea7e3b1392063f7e3b198551bfd3fd76e86ecead76e0add94ed25

  • SSDEEP

    1536:2hsPIb+AxMiPDXp16Khq0/xCZYnR1pI49SaKZdIOkpamMxoXal7CFMI:2OS+AxMyDXmKhq0/xCZGR1ThK1kwaoI

Targets

    • Target

      jade.x86.elf

    • Score

      9/10

    • Contacts a large (254454) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
