bf1483bbfa61945f4809fcf2c1233d263ecb7c3f1a2e29c819e59eea61fd831c | Triage

Sharing

General

Target

76ee7ff8a27e82cbba9da8d9c0e15b70
Size

67KB
Sample

210223-nzf4c625ax
MD5

76ee7ff8a27e82cbba9da8d9c0e15b70
SHA1

f7ad24f772a8c3632a3fa8c7bfebcf9647613bfe
SHA256

bf1483bbfa61945f4809fcf2c1233d263ecb7c3f1a2e29c819e59eea61fd831c
SHA512

ca2db3e7772cd9ad677d268766d8478385cce50878403a39803ce98eeb92f48a82ecea1ce7683a5652b17b6cdd1e189418c42848c2cd0a74e1eac4a663ede93b

Score

9^/10

linux

Malware Config

Targets

- Target
  
  76ee7ff8a27e82cbba9da8d9c0e15b70
- Size
  
  67KB
- MD5
  
  76ee7ff8a27e82cbba9da8d9c0e15b70
- SHA1
  
  f7ad24f772a8c3632a3fa8c7bfebcf9647613bfe
- SHA256
  
  bf1483bbfa61945f4809fcf2c1233d263ecb7c3f1a2e29c819e59eea61fd831c
- SHA512
  
  ca2db3e7772cd9ad677d268766d8478385cce50878403a39803ce98eeb92f48a82ecea1ce7683a5652b17b6cdd1e189418c42848c2cd0a74e1eac4a663ede93b
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3