General

  • Target

    b0d15ae15ddea91eba49906e03e65787613fcad8b190190dfde9f3cf62ee2be3.elf

  • Size

    5.6MB

  • Sample

    241105-eqz8vsvemk

  • MD5

    367d36e768c7cb7d7945cdf3c7a76d37

  • SHA1

    80940b9725f9194cc347e5efe987673f40c229a4

  • SHA256

    b0d15ae15ddea91eba49906e03e65787613fcad8b190190dfde9f3cf62ee2be3

  • SHA512

    19b4dcfd599d5969fcf483628b56d395553777b3c3d6c0ed965c05752e4128bce8522a7aacfcd8459e9e992fa0a900c39c8d08fd860d360aec0138b217d0dfa5

  • SSDEEP

    49152:+RxVVRFMTwIupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:

Targets

    • Target

      b0d15ae15ddea91eba49906e03e65787613fcad8b190190dfde9f3cf62ee2be3.elf

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Modifies systemd

      Adds/modifies systemd service files, likely to achieve persistence.
