General

  • Target

    i686.elf

  • Size

    28KB

  • Sample

    241211-1q3jwatqgl

  • MD5

    15fb222600a3061f5c8e5ef04e5298a6

  • SHA1

    93b4a17632479c8a45e2554a18ea61ea7365c532

  • SHA256

    fff08f2a1a9c20d447ac5cacb89df1287bb830a2fc0cd5866d31d9f3ba653965

  • SHA512

    11e390838b35bdacfa84ebdfc076f564abc1538bc972895b81d2156be52177bb25d62662871ae624747cca29e089a7a9a6ef205db4c694a2c106641d33942c34

  • SSDEEP

    384:MLbVUhN0dUfiBCtrw06IVQtpCVRlRY4oPoOWiZtWpfBmbLh56sHs4lW8i/vUHgDM:OhUMnCPCAlRUP/3LDJHsB8i0HgDf0

Targets

    • Target

      i686.elf

    • Contacts a large (114379) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
