General

  • Target

    fef73963d4087fd2da9abc5501e8f9b8.bin

  • Size

    23KB

  • Sample

    241217-cdgjwaxphk

  • MD5

    fc81fe17145dd3d6a8d4d3353acf04f8

  • SHA1

    49b6bad0c1d489f69ff2594fe62cc531f743ad84

  • SHA256

    797818008b463e874a7527faac2019053b3dccd6d3e211d8c6888a89fbc72aba

  • SHA512

    1c661967c1662f59a516627fb09c03f6726a23262f3cc1e51c2d4589146f20e37653b5fc9fda4451a3b9acd32b90069c07b54fc766cccd2a43449c8465d73eab

  • SSDEEP

    384:hnXvhuwcKgGOSSrJe3E0K/SNEzhsHjHQ89JFzcjC5V1PbFfW6kT9k7GvvYfV4+53:hnXJH5FSrylK6NEzh6jH1JcjC5A629jI

Targets

    • Target

      cb79ac091b817342d2c9f4061588360d7be2dd0771910054e7d1b45aca940aa7.elf

    • Size

      45KB

    • MD5

      fef73963d4087fd2da9abc5501e8f9b8

    • SHA1

      502acae3bda35629e1ced3de6c0cca16fe98c07d

    • SHA256

      cb79ac091b817342d2c9f4061588360d7be2dd0771910054e7d1b45aca940aa7

    • SHA512

      d44a6dc1b19748ac3071db4fefabb701f64c23566eed4e7bc9dccdde2c8523f3b30986fede4652d225a3396cea24ee505f8e26935fb2865e16bb304abc1ca31c

    • SSDEEP

      768:wZn5zr/7tUFkLuQQtEXLLFTV71NY+FEC9QnsOzU+fumpUisIbSNiykofoHgOIlhi:wZnZ7tUKL3QtSXRV71NYSEwQsOzLPiIz

    • Contacts a large number (35006) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the watchdog to prevent it from restarting an infected system.
