General

  • Target

    mips.elf

  • Size

    99KB

  • Sample

    241026-vdepdsvjax

  • MD5

    2bc1855eb4297c28116e412b6705e14a

  • SHA1

    4d8189399c887b335e1d690961e38b806948d9cd

  • SHA256

    0d8c3289a2b21abb0d414e2c730d46081e9334a97b5e0b52b9a2f248c59a59ad

  • SHA512

    1074aa161b94e13c473e8cf23d6bbd6baa531854b4c110b8142ccd8e8296b6a94751e55907f9ed6aff7d1b470676c81ea5754fdfeef14f8829dc9a5e3452d26e

  • SSDEEP

    1536:uo6JSd6vTfjZ0IonWnP4MmBGSBGxJGSnuqMLHRvMNswe+fYgHIRyyR:upP5ld4MaqMjRUKuYRyyR

Targets

    • Target

      mips.elf

    • Size

      99KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
