General
-
Target
na.elf
-
Size
70KB
-
Sample
241010-hnnc3awcjj
-
MD5
a089784465bf00170de07fba33cfcd64
-
SHA1
70232249f8aa23657b401c2b87dfc1d8bd0b145a
-
SHA256
f2215fa6d1b7eb3e43fd85348f1feba29e09e129de4cb7c3596ae7d270d6916f
-
SHA512
46775d5c61bf12ee3d3c6f1508e9e58da316941224431b85f5007db0007670026de9510c08b848ce581e74ece78a21639d1ae549106fbd823f931a2d7238d38c
-
SSDEEP
768:HAyrRVLCJKFJMOoQZSW7HSIHu3VO5UkMXqMh8K8wTmuqqr/kBIutcDsugutcDsF5:HkaoQXvO3VOYmkkvdWjKohLdTz
Static task
static1
Behavioral task
behavioral1
Sample
na.elf
Resource
debian9-mipsbe-20240611-en
Malware Config
Targets
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Deletes system logs
Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Renames itself
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-