General

  • Target

    2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d.elf

  • Size

    75KB

  • Sample

    241016-bpa1sszbpj

  • MD5

    dc3cafd47c5abdd308278f115230e190

  • SHA1

    961fb006e576b0102902ab00b566f99d22721731

  • SHA256

    2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d

  • SHA512

    5c5520390d6c27b862ee24802a18cb97c91cefa375550d54c172fe3595c5ad16136de63680b4c70c63f1aacfd731437f280234d7203232d9d00e2296ee331d95

  • SSDEEP

    768:74lD94StFSr6pKjU0iUoDSPETSrywj3e7RCxykOVZA9cOqmWD/Y66ApXEk1nCtX:74d9li6pcfhEwywre7HJbDJNgtX
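Added example, not part of the report: a Python script that checks a downloaded copy of the sample against the MD5/SHA1/SHA256 listed above and then reads the ELF header to report class, endianness, target architecture and whether the binary carries a PT_INTERP segment (Mirai-family bots are usually shipped as static ET_EXEC builds, one per target architecture). The E_MACHINE table is a subset, and the test ELF built by build_test_elf() is constructed for illustration only; the page does not state which architecture this sample targets.

```python
import hashlib
import struct

# Hashes copied from the report's General section.
REPORT_HASHES = {
    "md5": "dc3cafd47c5abdd308278f115230e190",
    "sha1": "961fb006e576b0102902ab00b566f99d22721731",
    "sha256": "2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d",
}

# Subset of e_machine values commonly seen in IoT bot builds (assumed table, not from the page).
E_MACHINE = {
    0x02: "SPARC", 0x03: "x86", 0x08: "MIPS", 0x14: "PowerPC",
    0x28: "ARM", 0x2A: "SuperH", 0x3E: "x86-64", 0xB7: "AArch64",
}
E_TYPE = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}
PT_INTERP = 3


def hash_file(data: bytes) -> dict:
    """Compute the same digests the report lists, plus SHA512."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes) -> bool:
    """True only if every hash recorded in the report matches the blob."""
    computed = hash_file(data)
    return all(computed[k] == v for k, v in REPORT_HASHES.items())


def parse_elf_header(data: bytes) -> dict:
    """Decode e_ident and the fixed part of the ELF header, then scan program headers for PT_INTERP."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("unsupported EI_CLASS/EI_DATA")
    endian = "<" if ei_data == 1 else ">"
    e_type, e_machine = struct.unpack(endian + "HH", data[16:20])
    if ei_class == 1:
        # ELF32: e_entry, e_phoff, e_shoff, e_flags are 32-bit; then e_ehsize, e_phentsize, e_phnum.
        e_entry, e_phoff, _, _, _, e_phentsize, e_phnum = struct.unpack(endian + "IIIIHHH", data[24:46])
    else:
        if len(data) < 64:
            raise ValueError("truncated ELF64 header")
        e_entry, e_phoff, _, _, _, e_phentsize, e_phnum = struct.unpack(endian + "QQQIHHH", data[24:58])
    # p_type is the first 32-bit field of a program header in both ELF32 and ELF64.
    has_interp = False
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 4 > len(data):
            break
        (p_type,) = struct.unpack(endian + "I", data[off:off + 4])
        if p_type == PT_INTERP:
            has_interp = True
    return {
        "class": 32 if ei_class == 1 else 64,
        "endian": "little" if ei_data == 1 else "big",
        "type": E_TYPE.get(e_type, hex(e_type)),
        "machine": E_MACHINE.get(e_machine, hex(e_machine)),
        "entry": e_entry,
        "static": not has_interp,
    }


def build_test_elf() -> bytes:
    """Constructed 32-bit little-endian ARM ET_EXEC header with one PT_LOAD and no PT_INTERP."""
    e_ident = b"\x7fELF" + bytes([1, 1, 1, 0]) + b"\x00" * 8
    ehdr = e_ident + struct.pack("<HHIIIIIHHHHHH",
                                 2, 0x28, 1, 0x8000, 52, 0, 0, 52, 32, 1, 40, 0, 0)
    phdr = struct.pack("<IIIIIIII", 1, 0, 0x8000, 0x8000, 0x100, 0x100, 5, 0x1000)
    return ehdr + phdr


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read()
    print("hashes match report:", matches_report(blob))
    print(parse_elf_header(blob))
```

Run it as `python3 elf_triage.py 2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d.elf` (assumed filename) on a copy of the sample; a hash mismatch means you are not looking at the artefact this report describes, and the architecture line tells you which emulator or device to use for dynamic analysis.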

Targets

    • Target

      2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d.elf

    • Deletes system logs

      Deletes the log file that holds global system messages (typically /var/log/messages or /var/log/syslog, depending on the distribution). Adversaries delete system logs to minimise their footprint and to deprive defenders of the record of how the device was infected.

    • Modifies Watchdog functionality

      Interacts with the hardware watchdog device (/dev/watchdog or /dev/misc/watchdog). On embedded devices the watchdog reboots the system if it is not pinged regularly; Mirai-family bots open the device and issue WDIOC_SETOPTIONS with WDIOS_DISABLECARD to disable it, so that a device the bot has saturated (for example while flooding) does not reboot and shed the infection. The page records only that the watchdog was modified; the exact ioctl this sample used is not shown here.

    • Renames itself

      Changes its own process name at runtime. Mirai-family bots typically overwrite argv[0] and call prctl(PR_SET_NAME) with a random or innocuous-looking name so the process does not appear under its original filename in process listings; the name chosen by this sample is not shown on the page.

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) was sent to a server other than the resolvers configured in the sandbox. Mirai-family bots commonly hardcode a public resolver (the original Mirai source uses 8.8.8.8) to resolve the C2 domain, bypassing the local resolver; on a real network this shows up as direct outbound port-53 traffic from an IoT device to an external address, which is a useful hunting signal.

    • Deletes log files

      Deletes further log files on the system, beyond the global system message log covered by the signature above. Which files were removed is not listed on the page.

    • Reads process memory

      Reads another process's memory through the /proc virtual filesystem (for example /proc/<pid>/mem or /proc/<pid>/maps). This can be used to steal credentials, but Mirai-family bots also read other processes' /proc entries (such as the executable behind /proc/<pid>/exe) when hunting for competing malware to kill, so confirm the credential-theft interpretation from the trace rather than assuming it.
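Added example, not part of the report: a small stateful analyser that turns the behaviours listed above (watchdog modification, process rename, system and other log deletion, DNS traffic to an unexpected resolver, reads of another process's memory) into detection rules over a syscall trace. The trace format is assumed to be strace-style text; the sample trace, the sandbox resolver 10.0.2.3 and the watchdog device list are all constructed or assumed for illustration, not taken from this page.

```python
import re
from collections import defaultdict

# Assumed sandbox resolver; any port-53 traffic elsewhere is "unexpected".
CONFIGURED_RESOLVERS = {"10.0.2.3"}
# Log file holding global system messages (distribution dependent).
SYSTEM_MESSAGE_LOGS = {"/var/log/messages", "/var/log/syslog"}
WATCHDOG_DEVICES = {"/dev/watchdog", "/dev/watchdog0", "/dev/misc/watchdog"}

RE_OPEN = re.compile(r'^(?:open|openat)\((?:AT_FDCWD, )?"([^"]+)"[^)]*\)\s*=\s*(\d+)')
RE_CLOSE = re.compile(r'^close\((\d+)\)')
RE_IOCTL = re.compile(r'^ioctl\((\d+), (WDIOC_\w+)')
RE_UNLINK = re.compile(r'^(?:unlink|unlinkat)\((?:AT_FDCWD, )?"([^"]+)"')
RE_PRCTL = re.compile(r'^prctl\(PR_SET_NAME, "([^"]*)"')
RE_SOCKADDR = re.compile(r'sin_port=htons\((\d+)\), sin_addr=inet_addr\("([\d.]+)"\)')
RE_PROC_MEM = re.compile(r'^/proc/(\d+)/(mem|maps)$')  # another process, not /proc/self


def analyze(trace: str) -> dict:
    """Return {signature_name: [evidence lines]} for the behaviours named in the report."""
    hits = defaultdict(list)
    fd_path = {}  # fd -> path, rebuilt from successful open calls so ioctls can be attributed
    for line in trace.splitlines():
        line = line.strip()
        if not line:
            continue
        m = RE_OPEN.match(line)
        if m:
            path, fd = m.group(1), int(m.group(2))
            fd_path[fd] = path
            if RE_PROC_MEM.match(path):
                hits["reads_process_memory"].append(line)
            continue
        m = RE_CLOSE.match(line)
        if m:
            fd_path.pop(int(m.group(1)), None)
            continue
        m = RE_IOCTL.match(line)
        if m and fd_path.get(int(m.group(1))) in WATCHDOG_DEVICES:
            hits["modifies_watchdog"].append(line)
            continue
        m = RE_UNLINK.match(line)
        if m:
            path = m.group(1)
            if path in SYSTEM_MESSAGE_LOGS:
                hits["deletes_system_logs"].append(line)
            elif path.startswith("/var/log/"):
                hits["deletes_log_files"].append(line)
            continue
        if RE_PRCTL.match(line):
            hits["renames_itself"].append(line)
            continue
        m = RE_SOCKADDR.search(line)
        if m and line.startswith(("sendto(", "connect(")):
            port, ip = int(m.group(1)), m.group(2)
            if port == 53 and ip not in CONFIGURED_RESOLVERS:
                hits["unexpected_dns_destination"].append(line)
    return dict(hits)


# Constructed strace-style trace exercising every rule once (not from the real sample).
SAMPLE_TRACE = """\
openat(AT_FDCWD, "/dev/watchdog", O_RDWR) = 3
ioctl(3, WDIOC_SETOPTIONS, [WDIOS_DISABLECARD]) = 0
close(3) = 0
prctl(PR_SET_NAME, "/usr/sbin/dropbear") = 0
unlink("/var/log/messages") = 0
unlink("/var/log/wtmp") = 0
unlink("/tmp/.x") = 0
socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
sendto(4, "<dns query>", 33, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("8.8.8.8")}, 16) = 33
sendto(4, "<dns query>", 33, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.0.2.3")}, 16) = 33
openat(AT_FDCWD, "/proc/1402/mem", O_RDONLY) = 5
"""

if __name__ == "__main__":
    for name, lines in sorted(analyze(SAMPLE_TRACE).items()):
        print(f"{name}: {len(lines)} event(s)")
        for evidence in lines:
            print("   ", evidence)
```

The fd-to-path map is what keeps the watchdog rule honest: flagging every WDIOC_* ioctl would also fire on legitimate watchdog daemons, whereas tying the ioctl to a descriptor opened on a watchdog device, from a process that then also deletes /var/log/messages and renames itself, is the combination this report describes. Feed it your own sandbox's trace by replacing SAMPLE_TRACE with the file contents and adjusting CONFIGURED_RESOLVERS.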
