General

  • Target

    arm.elf

  • Size

    82KB

  • Sample

    250101-tl6mea1qds

  • MD5

    c29418d4e5670276c4e09e8600327919

  • SHA1

    3807e79f2a9ab460d41223775fcd03fd5b784c33

  • SHA256

    278c03f07e3ca082c11f74e9b98c45aa12134e253f14f7fa2b58970077b78b1a

  • SHA512

    15304d54a5ac9189f662ba40d86ba33db1e0749438289a9944bd88319fde776f3e4e857bea320365ef69136455b0885547c129cac8522c5ab34fbd3294635879

  • SSDEEP

    1536:boViXgeg8lbip2Mq/UrMFswJflvwT7F/LEHRn7r6sSHv43:boV/KH1WwJtYT7RLEJfe43

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    MIRAI

Targets

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes system logs

      Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies systemd

      Adds or modifies systemd service files, likely to achieve persistence.

MITRE ATT&CK Enterprise v15

Tasks