General

  • Target

    63e389a3d5251cbeaaab08d5d0cad2b49226eb0764652c64d3f663f7ad8a393f.elf

  • Size

    5.6MB

  • Sample

    241105-dxh3gswlbr

  • MD5

    a588866d01919ba373464c54536b57a8

  • SHA1

    1bff6f7edc7522ad35563b7998cb85bf7df09baf

  • SHA256

    63e389a3d5251cbeaaab08d5d0cad2b49226eb0764652c64d3f663f7ad8a393f

  • SHA512

    f9743b778aa1fc11b7b95939ab613335b40c5cfbd45f640811af0cc55d22f18bb0a9f90fddbfc91efbfd4b67803d143962cd1a578b59fb0b827d68b405c06cfc

  • SSDEEP

    98304:yC91hAFxvW6WGVqq7g3JDCg76dAuE8iW5ay5mIOX+aaNcc8pNkxXkz8xBs3K4HUj:yC91hAFxvW6WGVqq7g3JDCg76dAuE8iQ

Targets

    • Target

      63e389a3d5251cbeaaab08d5d0cad2b49226eb0764652c64d3f663f7ad8a393f.elf

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Modifies systemd

      Adds/modifies systemd service files, likely to achieve persistence.
