General

  • Target

    i586.elf

  • Size

    64KB

  • Sample

    241119-3y1flazqhq

  • MD5

    e8db1cf2cf23dbf8e181ada20c2049e7

  • SHA1

    632fca32b52f7c203affb767420938ffce12b281

  • SHA256

    535a99fd532cd99396a36dca97bf4b8c0566a516970f60c7ff2314e442538b3a

  • SHA512

    3767943f16d7f824afa81231b6a290b4a61cc93d39d3478edbe5596ccb5c2d438528945ef07fe9405bf74e734b41e8bd90835491ecb02e2ef5f133c9cc91bbe1

  • SSDEEP

    1536:a3zrIGcpirg0odz27+m+/JA4b7O2FPcMuaiDZlOYpS++:kzkGcIES7+XLWacraGQm+

Malware Config

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

MITRE ATT&CK Enterprise v15

Tasks