echobot | b08b58acb44d6d8fd3c188b2218e17d62b9a13bef589a728beab257a0a07064d | Triage

Submit
Reports

Overview

overview

Static

static

belks.mips.elf

debian-9-mips

9

Sharing

General

Target

belks.mips.elf
Size

91KB
Sample

241029-xr4a1syaqg
MD5

136dd80aed610d45bbe9449a770b1571
SHA1

dbcf3f00cb344527c39d990f27d3fee563630a75
SHA256

b08b58acb44d6d8fd3c188b2218e17d62b9a13bef589a728beab257a0a07064d
SHA512

f3aeffab5b4199c0cb0d34578c274dde3e286b49f307e075af6a9313c6fe69583f80c8ae15e10238fe27c7d4fc3a82cec5b18f3715eda4c2ae0ffe439d6bde7b
SSDEEP

1536:r7bil4kcwdrxb4+ba5vRE/ENLnz13ugYnTFR+LHuKxgL+Pn9G:bilzxbVMQEdnz1+g4R+LHuKCqc

Score

10^/10

echobot mirai defense_evasion discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

belks.mips.elf

Resource

debian9-mipsbe-20240611-en

defense_evasion discovery

debian-9-mips

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  belks.mips.elf
- Size
  
  91KB
- MD5
  
  136dd80aed610d45bbe9449a770b1571
- SHA1
  
  dbcf3f00cb344527c39d990f27d3fee563630a75
- SHA256
  
  b08b58acb44d6d8fd3c188b2218e17d62b9a13bef589a728beab257a0a07064d
- SHA512
  
  f3aeffab5b4199c0cb0d34578c274dde3e286b49f307e075af6a9313c6fe69583f80c8ae15e10238fe27c7d4fc3a82cec5b18f3715eda4c2ae0ffe439d6bde7b
- SSDEEP
  
  1536:r7bil4kcwdrxb4+ba5vRE/ENLnz13ugYnTFR+LHuKxgL+Pn9G:bilzxbVMQEdnz1+g4R+LHuKCqc
Score

9^/10

defense_evasion discovery
- Contacts a large (132036) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2024

Terms | Privacy