General
-
Target
irq1.elf
-
Size
510KB
-
Sample
241022-tj3gzavhjj
-
MD5
2aa1abc12fdf779dbe4e71ed20111bce
-
SHA1
fee772fa1e9c94d9b89ffa3fa89df08c4a1fe84f
-
SHA256
a1f211877e5ac29682f07d0b97d02ee936ed02f3355b68d7163b3336164d85f6
-
SHA512
e9b95f9c28e39fa3c57f921ac2e55f5ee1b22d3664b8059f53610b059e620230ff63db7d39a5a9c256f39aa99d1b1333f4bd0acefe44bd826048c60b4e5c6fc0
-
SSDEEP
6144:21cNQ3N/6H7bvnWGSTOk/Gsw6apMBNedo+nS2Ref6zIfcxnjL/Va+wjdIBKPO7QZ:2CQd/SVV2PsfssIfyn/U+sm7Q380/
Static task
static1
Behavioral task
behavioral1
Sample
irq1.elf
Resource
debian9-mipsbe-20240611-en
Malware Config
Targets
-
-
Target
irq1.elf
-
Size
510KB
-
Detects Kaiten/Tsunami Payload
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Indicator Removal: Timestomp
Adversaries may remove indicators of compromise from the host to evade detection.
-