General

  • Target

    bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62.elf

  • Size

    75KB

  • Sample

    241027-db288szqgn

  • MD5

    87f114f7f6a5830d45ffe101ccd0de1c

  • SHA1

    1156d361e2050a882e4b224410682e116575588d

  • SHA256

    bfe1a5e25967f58cbb814b1c2cab0fc005d65100e6524a4cbc1858402c798d62

  • SHA512

    1cbf6c2276bd0431b4237f7543ae3ba3eb415df5a2de45558ff5a87d5af95752f2e5406661a210cb2d294de2a8322029d6631af851ea65b2b074fa7a91a95b3b

  • SSDEEP

    1536:WukDLaSfqMHzfdFM9IMksqL7dX4DgydyDXvW:WukSSfzHrrM9IPjID0W

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
