General

  • Target

    linux_mipsel.elf

  • Size

    5.6MB

  • Sample

    241028-e3hvcayjcr

  • MD5

    a6086bd5d54aee7434fbfbd25ee75957

  • SHA1

    a8e2fe631f1226f1fd413ddc491ac07f636c070e

  • SHA256

    1aff234b0114b12e8ca6c7c59b5c9a80ce3787a9e7f68d79030b46e8b7df5aad

  • SHA512

    0f650a4ccdb0342872089929147a02a48f9e81519ad02b7b713371ce3abc38dee22d065eeec3b0001834933cbb831dbed031fbe821096f5fe7b8edb7635b73a7

  • SSDEEP

    98304:yC91hAFxvW6WGVqq7g3JDCg76dAuE8iW5ay5mIOX+aaNcc8pNkxXkz8xBs3K4HUo:yC91hAFxvW6WGVqq7g3JDCg76dAuE8ij

Malware Config

Targets

    • Target

      linux_mipsel.elf

    • Size

      5.6MB

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Modifies systemd

      Adds/modifies systemd service files, likely to achieve persistence.

MITRE ATT&CK Enterprise v15

Tasks