General

  • Target

    cee029b1438797b749a740be099fa82cffbbaa7a7507476f995c95a2d35a23d3.elf

  • Size

    87KB

  • Sample

    241027-dd85kasfrg

  • MD5

    353a49ca2c9b8b35fb036b2de1587fc4

  • SHA1

    e5cd1ab8dc2c224a5b82113a41ec46479895ae27

  • SHA256

    cee029b1438797b749a740be099fa82cffbbaa7a7507476f995c95a2d35a23d3

  • SHA512

    8a47f0d0a8899d153cf80d5579d7ca8f81b9efe9daf93a2f60f72d5ad1ed77a360f3ff6f93cad6b016a52ec6a6f76b94bf2d427f6d9eda0bc5f7cf609e6fd484

  • SSDEEP

    1536:GJTjy914iDyIV6n30taWKqlpbfc/SLuZ++5+BJoK+mcS/:GJTj614NNczc/0ublmx

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
