General

  • Target

    mips

  • Size

    103KB

  • Sample

    250101-q6gx1azkhm

  • MD5

    4a9e58e6ab428799caebadff9d0417a1

  • SHA1

    9a61f024abf4b15cb7ce9bb30e6cd5e9b602f915

  • SHA256

    9cfe627fa81f798ae426f7b262d16602c5f6e9273e464ed38cc0e65daa7647b5

  • SHA512

    351d81fefe90928500e0b7331ff2524cdb7a05bee134c67f3f55d7b65141c4ead233a586026eb591da9d377f50fcbd8eded6772786320c0abb20e621a6dddf3c

  • SSDEEP

    1536:zO9Bm/RtCZiqr33Dc48uuwD7CFKygt6c9e8WDC1ieMbFXIg:yBm/zCZiyn448uuvRgt6c9e8YC1GFXP

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes system logs

      Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies systemd

      Adds or modifies systemd service files, likely to achieve persistence.
