Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    14-11-2024 02:43

General

  • Target

    84dac722161551d6735f84d82db956233322c1e2099000cc076c78ac177fa823.elf

  • Size

    80KB

  • MD5

    0c23e652086add7954804fff265703d2

  • SHA1

    d673a1b0c36d67f36a426ab9fb0c7fbdb4eda735

  • SHA256

    84dac722161551d6735f84d82db956233322c1e2099000cc076c78ac177fa823

  • SHA512

    90d2a5959089a799f866e585a1f7cc36201d8da1315a3c728b5f43600dc4b5e76923ce62dadf83a09cd4f506d0611e10f51fd3ffd9e9ac6af650fea96c7cc52e

  • SSDEEP

    1536:lps8VcvdWqEFgaT0Go7tgHuUA31gYr3pV1DeBwvkr:lp/caW2oK+RqaM

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/84dac722161551d6735f84d82db956233322c1e2099000cc076c78ac177fa823.elf
    /tmp/84dac722161551d6735f84d82db956233322c1e2099000cc076c78ac177fa823.elf
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:1593

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads