General

  • Target

    c84fca197a6c0d8da1e804407643d901.bin

  • Size

    40KB

  • Sample

    241028-b6d4saxhnl

  • MD5

    684218816213be964ea1a6d7f9eea919

  • SHA1

    cc8ddc9893bae38394666b6155686cafd20f3f47

  • SHA256

    39207de2049b011a1f01695db33fec720fb0b7044a2557948cace8e12ddf6dfa

  • SHA512

    4bd8a724fa0e227a257ce69ea4ec103ff5f9440f7c363819630941042cfefdcb8d4a4e337a194383e0817d547e24818cb4ab3b2bb7325557811c130777bb50a7

  • SSDEEP

    768:zneawKUkW/7D7IU8kTqLz9++OOAzrWOjavA3DFj6V+qalAnNlTam1eEUS47Leou6:beaTOf7/S9YTavyDl6VV3amR9MeoFX

Malware Config

Targets

    • Target

      b302e2b482811ec560af9f458ad4fa120e6f6d98b0b70a9256c313bfc7d99f51.elf

    • Size

      73KB

    • MD5

      c84fca197a6c0d8da1e804407643d901

    • SHA1

      b18d35378928ff15d652cdb21e48d48abac2ffa8

    • SHA256

      b302e2b482811ec560af9f458ad4fa120e6f6d98b0b70a9256c313bfc7d99f51

    • SHA512

      eaed6b072815f9cde6d907a3b13356c982f6fbda66d3893dbb04ee57cd995bd7925d09612a6cf6f738aec6d61440c206bd64cabb935884c302714a2331331532

    • SSDEEP

      1536:Fjr84jhcwmCpuxo7UfezBWKcqE3Ei919UCDZ:Fjr84jSwm47welfcq89E6

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
