General

  • Target

    linux_mipsel_softfloat.elf

  • Size

    5.6MB

  • Sample

    250412-w9dyeazj12

  • MD5

    ba37def8e44fdd8e2937e711949efe13

  • SHA1

    06f2e848f83c88e808fca8dada3ecf67a41452c7

  • SHA256

    11e0ef0293aa9cd02fe8070de01af44f76be39c88edda5c746579d50b765e8c5

  • SHA512

    fe6ac4818758793e245040f78f824bcaf5bb04515fd734e792650721535297b959417ae16f32acc68dffca143e1b84c6610aba23386be68653f9b5b096937421

  • SSDEEP

    49152:+RxVVRFMTw2upkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:

Malware Config

Targets

    • Target

      linux_mipsel_softfloat.elf

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Modifies systemd

      Adds/modifies systemd service files. Likely to achieve persistence.

MITRE ATT&CK Enterprise v16

Tasks