General
-
Target
linux_mipsel_softfloat.elf
-
Size
5.6MB
-
Sample
241108-lc2yvszeng
-
MD5
6ea82095eee896f2b4100d8491218f4a
-
SHA1
6c3be3d799d342265897140c81e8b744d430e3b9
-
SHA256
4c65f49d6a7b360b0492ee41273fb1c6223d2771286740d1a7f91ee921dce0dd
-
SHA512
e870c93be276682ef32f0a2f11c0f5f5477bbd1159399ebf13b2c1a42101e9614fb17c9f242527ac3b823e2f47a13b8c28060aa5669581d7c65bc9af6eb5e4ae
-
SSDEEP
49152:+RxVVRFMTwbupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:
Behavioral task
behavioral1
Sample
linux_mipsel_softfloat.elf
Resource
debian12-mipsel-20240418-en
Malware Config
Targets
-
-
Target
linux_mipsel_softfloat.elf
-
Size
5.6MB
-
MD5
6ea82095eee896f2b4100d8491218f4a
-
SHA1
6c3be3d799d342265897140c81e8b744d430e3b9
-
SHA256
4c65f49d6a7b360b0492ee41273fb1c6223d2771286740d1a7f91ee921dce0dd
-
SHA512
e870c93be276682ef32f0a2f11c0f5f5477bbd1159399ebf13b2c1a42101e9614fb17c9f242527ac3b823e2f47a13b8c28060aa5669581d7c65bc9af6eb5e4ae
-
SSDEEP
49152:+RxVVRFMTwbupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds/ modifies systemd service files. Likely to achieve persistence.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2XDG Autostart Entries
1Boot or Logon Initialization Scripts
1RC Scripts
1Create or Modify System Process
1Systemd Service
1