General

  • Target

    linux_mipsel.elf

  • Size

    5.6MB

  • Sample

    250419-xgy9baszhs

  • MD5

    7cd85a4f4b805778428fa50679707d02

  • SHA1

    d9e77b673a46500d207deb28b52a0fb531b9d5e0

  • SHA256

    73403bb4d294240f4755092de37abe84254493026bd69adf58e530799fbc3676

  • SHA512

    b5c1f2d7361868227602d5c3c62768db55df218fb7c31af201d9b7d6bf6590f07d041df98b9963c74c9d3f655e7707cb8ed71caee324b89e5084bba4545cde19

  • SSDEEP

    49152:F/lUKl0OQ8ijxiTgZAziZNfghwgAQ2OEFkYSmDy0VF1:GFh

Malware Config

Targets

    • Target

      linux_mipsel.elf

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies a system service, likely for persistence.

    • Modifies systemd

      Adds/modifies systemd service files, likely to achieve persistence.
