75f78b921ec1f3e939f0883fcf9744e463e0c48d867d1319034d37c144abf494

Analysis

max time kernel
125s
max time network
129s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
18/02/2025, 19:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

i686.elf
Size

111KB
MD5

b6ab9062ea1dc922ea752cb25887c660
SHA1

996ee159455868802a6840f0267c53df1a1131fb
SHA256

75f78b921ec1f3e939f0883fcf9744e463e0c48d867d1319034d37c144abf494
SHA512

ddcd054e938996c01aa0854cc60407423add8854435561af7293f75ea5c99900d2c87a16bf1e53cb5359af179555b1806f7472256259c48f123511f041427e7f
SSDEEP

3072:mjzWBo5X5jLu6854Kne0u7kwbgyHgm5qbyCYXmh:g/66CAHHgm5qbyRXmh

Score

7^/10

defense_evasion

Malware Config

Signatures

Modifies Watchdog functionality 1 TTPs 2 IoCs

Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

defense_evasion

Impair Defenses

T1562

description	ioc
File opened for modification	/dev/watchdog
File opened for modification	/dev/misc/watchdog

Changes its process name 1 IoCs

description	pid
Changes the process name, possibly in an attempt to hide itself	1574

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

T1562

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...