General

  • Target

    49f7a939913e600dc9f20c879306b2c81ffa0cdbb5b21340201efc2251b32afc.elf

  • Size

    71KB

  • Sample

    241016-b28gtszhqk

  • MD5

    b15f21d6ec3974e93533f696a9bafdff

  • SHA1

    ce49452eba29c9f4eceb86b2323326f6f9c446b3

  • SHA256

    49f7a939913e600dc9f20c879306b2c81ffa0cdbb5b21340201efc2251b32afc

  • SHA512

    256f7d00a9fc2cb0a65ceffe34eb9ab54915fa27ed986355bd7e3650af69559dee9c6b5ddbe880029cab27c1ca110c801a89f903e6e681dc103d625365fa4eb6

  • SSDEEP

    768:kgKNwShVSf0e3x/KGOiO4A5SX/oMte1X7FCwT3YPWMYcTxm8QASqQsH3kdB:kgKNxe0eBiMAQX/oMQfsXYCoASKXkf

Targets

    • Target

      49f7a939913e600dc9f20c879306b2c81ffa0cdbb5b21340201efc2251b32afc.elf

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Renames itself

    • Reads process memory

      Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
