General

  • Target

    b9bdd75b55852b3f8d842a482443a7b35732523cd3c8eae4b4b17ca910822840.elf

  • Size

    99KB

  • Sample

    241027-da5mza1khs

  • MD5

    2ebce2c623cee35100ce645095e0e17a

  • SHA1

    f8cf8d0db764834f60325110897e8a7cabc96fc4

  • SHA256

    b9bdd75b55852b3f8d842a482443a7b35732523cd3c8eae4b4b17ca910822840

  • SHA512

    1c3591b36a1ba39c07054af82aff3311f56c051399d027e800618831f40b2e0b3f121118dbe4a81eb2ec3f4203b127887e05c7164c3af8afd08b10a12d27d00e

  • SSDEEP

    1536:IHC8aIWiD9AW0FLQ4LBOe+h2s9ieZWUHy6Yb7SWTnvgkwBu:IHC8HWMxhlUeSl7wBu

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected to servers other than the configured DNS servers.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
