611cf43a4c2cf0beaec908efedd308eb14d76e00d3e4bbce195f7a65b459dea0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

611cf43a4c2cf0beaec908efedd308eb14d76e00d3e4bbce195f7a65b459dea0.elf
Size

2.7MB
Sample

241015-bzdjns1dnj
MD5

ea8208238d5556aef97acfde51ce10e4
SHA1

1c31d6ef1e83cf9ccbdf80f6b7e460ae0556845c
SHA256

611cf43a4c2cf0beaec908efedd308eb14d76e00d3e4bbce195f7a65b459dea0
SHA512

5da9226eeb3f8a44c6fea07eaf9b43c61c7712777b979d57bc52c5e27a825908cc8f9c333eaee74907591933ec9469197af093a4542002e3d36cbd9c0e2016fe
SSDEEP

24576:6c9JRC/o9Uo6G8rJ7LawiKbubY7uAkOYjWdiIBqSjiRSb:6YT9T8rJ7La7K5uxBj4N

Score

7^/10

discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  611cf43a4c2cf0beaec908efedd308eb14d76e00d3e4bbce195f7a65b459dea0.elf
- Size
  
  2.7MB
- MD5
  
  ea8208238d5556aef97acfde51ce10e4
- SHA1
  
  1c31d6ef1e83cf9ccbdf80f6b7e460ae0556845c
- SHA256
  
  611cf43a4c2cf0beaec908efedd308eb14d76e00d3e4bbce195f7a65b459dea0
- SHA512
  
  5da9226eeb3f8a44c6fea07eaf9b43c61c7712777b979d57bc52c5e27a825908cc8f9c333eaee74907591933ec9469197af093a4542002e3d36cbd9c0e2016fe
- SSDEEP
  
  24576:6c9JRC/o9Uo6G8rJ7LawiKbubY7uAkOYjWdiIBqSjiRSb:6YT9T8rJ7La7K5uxBj4N
Score

7^/10

discovery execution persistence privilege_escalatio
- Executes dropped EXE
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecutionpersistenceprivilege_escalatio