General

  • Target

    ad47d5f8572aa78cc9d2ad9070372aeb0ee64d0011a615b36af8424b556cb645.elf

  • Size

    77KB

  • Sample

    241027-c9n9lasfke

  • MD5

    5e6acfdb2b11d7a7d882bd937f763a79

  • SHA1

    3068bbeb0a17a20795406fc5b345fb6eb3a9fbc3

  • SHA256

    ad47d5f8572aa78cc9d2ad9070372aeb0ee64d0011a615b36af8424b556cb645

  • SHA512

    c84f873b1de729646afeed0bffe4d6ea919d01349f38e2e0190622ef7cf010a12cfd88c431ef2e023d2ac6549c9e9dbdededcc2cc37761e4eac4de37a592d739

  • SSDEEP

    1536:SKV6w6WzfWjQ0tDH28OB62JFhSJdPRW7CV/v7:SKV6ezf30tDW9B62byx7

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
