General
-
Target
bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62.elf
-
Size
75KB
-
Sample
241027-db288szqgn
-
MD5
87f114f7f6a5830d45ffe101ccd0de1c
-
SHA1
1156d361e2050a882e4b224410682e116575588d
-
SHA256
bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62
-
SHA512
1cbf6c2276bd0431b4237f7543ae3ba3eb415df5a2de45558ff5a87d5af95752f2e5406661a210cb2d294de2a8322029d6631af851ea65b2b074fa7a91a95b3b
-
SSDEEP
1536:WukDLaSfqMHzfdFM9IMksqL7dX4DgydyDXvW:WukSSfzHrrM9IPjID0W
Static task
static1
Behavioral task
behavioral1
Sample
bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62.elf
Resource
debian9-armhf-20240611-en
Malware Config
Targets
-
-
Target
bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62.elf
-
Size
75KB
-
MD5
87f114f7f6a5830d45ffe101ccd0de1c
-
SHA1
1156d361e2050a882e4b224410682e116575588d
-
SHA256
bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62
-
SHA512
1cbf6c2276bd0431b4237f7543ae3ba3eb415df5a2de45558ff5a87d5af95752f2e5406661a210cb2d294de2a8322029d6631af851ea65b2b074fa7a91a95b3b
-
SSDEEP
1536:WukDLaSfqMHzfdFM9IMksqL7dX4DgydyDXvW:WukSSfzHrrM9IPjID0W
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-