echobot | b6db3d3458c7197a5c54e308c489a3fa87b3d6ee609e583a24b9763e645ce4ef | Triage

Submit
Reports

Overview

overview

Static

static

jade.arm7.elf

debian-12-armhf

9

Sharing

General

Target

jade.arm7.elf
Size

150KB
Sample

250219-xh5sgswpdt
MD5

639092ac0efb8a873dcb83d3778359f4
SHA1

893e55dc19312259db8b766abb0ceca84be5d2e5
SHA256

b6db3d3458c7197a5c54e308c489a3fa87b3d6ee609e583a24b9763e645ce4ef
SHA512

ecd817a072f1acdd39a137b4971f3dcba161dba4656ce9ec41cc262ca992b82c0b8c769dbe8ee6a54d710ca4d7c04a186494a703333236f4f6beb1920448008b
SSDEEP

3072:iUblfs+JeHxwamJiBUdKwH5m3m7phtcmfXfMYM/9Wj3We:iURfsCevGKwH5m3mdhzXfLM/9GWe

Score

10^/10

echobot mirai defense_evasion discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

jade.arm7.elf

Resource

debian12-armhf-20240418-en

defense_evasion discovery

debian-12-armhf

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  jade.arm7.elf
- Size
  
  150KB
- MD5
  
  639092ac0efb8a873dcb83d3778359f4
- SHA1
  
  893e55dc19312259db8b766abb0ceca84be5d2e5
- SHA256
  
  b6db3d3458c7197a5c54e308c489a3fa87b3d6ee609e583a24b9763e645ce4ef
- SHA512
  
  ecd817a072f1acdd39a137b4971f3dcba161dba4656ce9ec41cc262ca992b82c0b8c769dbe8ee6a54d710ca4d7c04a186494a703333236f4f6beb1920448008b
- SSDEEP
  
  3072:iUblfs+JeHxwamJiBUdKwH5m3m7phtcmfXfMYM/9Wj3We:iURfsCevGKwH5m3mdhzXfLM/9GWe
Score

9^/10

defense_evasion discovery
- Contacts a large (482730) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy