6a31cb7adc7bc79b024dae5b1f36ccb415fa7373d6472e3700c0b7346f35aac5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bin.armv7l.elf
Size

142KB
Sample

240821-xemshayarm
MD5

6ca9f4abca4f3b3247ddaaa79fd95147
SHA1

4213074cb4c5147899817cae036943cbe0366061
SHA256

6a31cb7adc7bc79b024dae5b1f36ccb415fa7373d6472e3700c0b7346f35aac5
SHA512

c8ca8e3925aa5950b0ffcd16fc53d45b02392f0020cb7e05c769b38967516cb9f8d8779dc6f33199827dd78daca5756e7543d9754dbc0fe53b4cd0956e61d6d2
SSDEEP

3072:0yDABbDSwHyNg2br3aPJ5fyWb9afQjpgGSE1BW++g3y4a:qBbDjHyNTKP3fyi9afQjpgGSaGgi4a

Score

7^/10

Malware Config

Targets

- Target
  
  bin.armv7l.elf
- Size
  
  142KB
- MD5
  
  6ca9f4abca4f3b3247ddaaa79fd95147
- SHA1
  
  4213074cb4c5147899817cae036943cbe0366061
- SHA256
  
  6a31cb7adc7bc79b024dae5b1f36ccb415fa7373d6472e3700c0b7346f35aac5
- SHA512
  
  c8ca8e3925aa5950b0ffcd16fc53d45b02392f0020cb7e05c769b38967516cb9f8d8779dc6f33199827dd78daca5756e7543d9754dbc0fe53b4cd0956e61d6d2
- SSDEEP
  
  3072:0yDABbDSwHyNg2br3aPJ5fyWb9afQjpgGSE1BW++g3y4a:qBbDjHyNTKP3fyi9afQjpgGSaGgi4a
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1