General

  • Target

    linux_mipsel_softfloat.elf

  • Size

    5.6MB

  • Sample

    241108-lc2yvszeng

  • MD5

    6ea82095eee896f2b4100d8491218f4a

  • SHA1

    6c3be3d799d342265897140c81e8b744d430e3b9

  • SHA256

    4c65f49d6a7b360b0492ee41273fb1c6223d2771286740d1a7f91ee921dce0dd

  • SHA512

    e870c93be276682ef32f0a2f11c0f5f5477bbd1159399ebf13b2c1a42101e9614fb17c9f242527ac3b823e2f47a13b8c28060aa5669581d7c65bc9af6eb5e4ae

  • SSDEEP

    49152:+RxVVRFMTwbupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:

Malware Config

Targets

    • Target

      linux_mipsel_softfloat.elf

    • Size

      5.6MB

    • MD5

      6ea82095eee896f2b4100d8491218f4a

    • SHA1

      6c3be3d799d342265897140c81e8b744d430e3b9

    • SHA256

      4c65f49d6a7b360b0492ee41273fb1c6223d2771286740d1a7f91ee921dce0dd

    • SHA512

      e870c93be276682ef32f0a2f11c0f5f5477bbd1159399ebf13b2c1a42101e9614fb17c9f242527ac3b823e2f47a13b8c28060aa5669581d7c65bc9af6eb5e4ae

    • SSDEEP

      49152:+RxVVRFMTwbupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Modifies systemd

      Adds/ modifies systemd service files. Likely to achieve persistence.

MITRE ATT&CK Enterprise v15

Tasks