echobot | 93c4fec8d6985f5d144c703541e13f4bc39ced50aa786e73744d0e3fd239b927 | Triage

Submit
Reports

Overview

overview

Static

static

jade.mips.elf

debian-9-mips

9

Sharing

General

Target

jade.mips.elf
Size

95KB
Sample

250219-xh539awrhq
MD5

a7a654119ac6772a74157e2c0253cfce
SHA1

ac606e65f850725fec2e4092510e3a52bf7f8795
SHA256

93c4fec8d6985f5d144c703541e13f4bc39ced50aa786e73744d0e3fd239b927
SHA512

94c6f8fbefbdf014a2ed30255b967bc56d21326d42fb9e20cf4e7dba62caae0f136c3d557496cb2f1f5f5bad78aa5d8cb9bf003beb841376dc8a2fc2bd5431ba
SSDEEP

1536:U9aImucT6Wv4ZgarBYBo8ynC0xyIGuui0fhJ4lzHWyZ2fGLkQzN:zuWbv+zY7ynxyI7ujJ4lzHWyZ2+PzN

Score

10^/10

echobot mirai defense_evasion discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

jade.mips.elf

Resource

debian9-mipsbe-20240729-en

defense_evasion discovery

debian-9-mips

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  jade.mips.elf
- Size
  
  95KB
- MD5
  
  a7a654119ac6772a74157e2c0253cfce
- SHA1
  
  ac606e65f850725fec2e4092510e3a52bf7f8795
- SHA256
  
  93c4fec8d6985f5d144c703541e13f4bc39ced50aa786e73744d0e3fd239b927
- SHA512
  
  94c6f8fbefbdf014a2ed30255b967bc56d21326d42fb9e20cf4e7dba62caae0f136c3d557496cb2f1f5f5bad78aa5d8cb9bf003beb841376dc8a2fc2bd5431ba
- SSDEEP
  
  1536:U9aImucT6Wv4ZgarBYBo8ynC0xyIGuui0fhJ4lzHWyZ2fGLkQzN:zuWbv+zY7ynxyI7ujJ4lzHWyZ2+PzN
Score

9^/10

defense_evasion discovery
- Contacts a large (240596) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy