Extracted

• • Target

    c834b13a679d369fbd24886bfd6232c895627ebb1c63e7c8642b568e1f7ffffe.elf

  • Size

    168KB

  • MD5

    ef90af569e453a92b2c8eb37ac23a2af

  • SHA1

    8e943eaf470af530503694488208a551aa86f515

  • SHA256

    c834b13a679d369fbd24886bfd6232c895627ebb1c63e7c8642b568e1f7ffffe

  • SHA512

    bab4294612a0f5690ae465af1aefcbc8992ff0590d6a15068095b9e36dbfd731c3fbe1f0840185f185f5caea127d97f75077572f289b9d278f83576b38852d4a

  • SSDEEP

    3072:8qwG+C1QT6mXRfDUnhaRkZzOQEfcl/lawSosRMDh7WOagM/9regU9:8qwG1mBf4haRkZzOQE0l/Qw0qh7WOhMA

  Score

  7^/10

  defense_evasiondiscoveryexecutionpersistenceprivilege_escalation

  • Deletes itself

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Modifies systemd

    Adds/ modifies systemd service files. Likely to achieve persistence.

    persistenceprivilege_escalation
  behavioral1