General

  • Target

    bde1f436368a6eb6cc655643b4a463d4e83e064db00ce12a48d9d3ee6a2ffc99.elf

  • Size

    82KB

  • Sample

    250107-c81w1asngj

  • MD5

    e4c06f131d9c9081859ab1071b6fa221

  • SHA1

    b08a82702d62782a9d64b8b5607300ac513c6992

  • SHA256

    bde1f436368a6eb6cc655643b4a463d4e83e064db00ce12a48d9d3ee6a2ffc99

  • SHA512

    cd1c52ad973e598556969f46455655e00eaba09464c1cff703b56a7a8a6e47793bee62770228b4e5950766b726baa54c5fb0b49e7a35256d8bc1ac7a864b0f9d

  • SSDEEP

    1536:boViXgeg8lbip2Mq/UrMFswJflvwT7F/LEHRn7r6sSHv44:boV/KH1WwJtYT7RLEJfe44

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes system logs

      Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies systemd

      Adds/modifies systemd service files, likely to achieve persistence.
