General
-
Target
d8b2542e888418c4d2a0121d5422639ddd947ba2ab19f2e09ea71d67bd87b4c8.elf
-
Size
5.6MB
-
Sample
250213-hnxazavjdn
-
MD5
3da678b112cb2b8a0c835ff64bd8504a
-
SHA1
1de6c50c8575fcb3766532ea978654975d517417
-
SHA256
d8b2542e888418c4d2a0121d5422639ddd947ba2ab19f2e09ea71d67bd87b4c8
-
SHA512
2f0940458b9acbf898a57ac7a21ecfc014648deb22f9f7b6465abb42e2bd17f8f33bd264a57f2e4bf1eea4418b6dcca96f6bf4e0ecf606abfbeb50c3a920ae67
-
SSDEEP
49152:+RxVVRFMTw5upkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:
Behavioral task
behavioral1
Sample
d8b2542e888418c4d2a0121d5422639ddd947ba2ab19f2e09ea71d67bd87b4c8.elf
Resource
debian12-mipsel-20240418-en
Malware Config
Targets
-
-
Target
d8b2542e888418c4d2a0121d5422639ddd947ba2ab19f2e09ea71d67bd87b4c8.elf
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds or modifies systemd service files, likely to achieve persistence.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
XDG Autostart Entries (1)
Boot or Logon Initialization Scripts (1)
RC Scripts (1)
Create or Modify System Process (1)
Systemd Service (1)