General

  • Target

    x86_32.nn.elf

  • Size

    67KB

  • Sample

    240930-v1emxa1cpd

  • MD5

    cda42956d6213c465b6876502ce3cfa6

  • SHA1

    cdd2d1950ddd18b78b8f9c78c777e04eabc9ef6a

  • SHA256

    d99d10559f1ad6bba1b59913604e261a613daa94af01ade8276effd692b5c03f

  • SHA512

    502c45235aca772c50b0e7acbab1c62df4258b6c538ad8b9dea8e09f16f5780943a2229bb48dca5cc40b7ad3f458d812222b514b40faf1e1f05fd07d80e359aa

  • SSDEEP

    1536:lrecdrbyVB0y0mUBvkfsxJZf60bgdnj/O6gHbStq8:lrjlbyVB0PEOJZfTbcn7+Eq8

Malware Config

Targets

    • Target

      x86_32.nn.elf

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Write file to user bin folder

MITRE ATT&CK Enterprise v15

Tasks