5fa70a36cc2ac68dfe216e4007848b7e90722a82acc7ca1778780b7393b3f735 | Triage

Sharing

General

Target

X86_64
Size

79KB
Sample

210927-xmgw8ahgf6
MD5

28007c7ac1c6c2880279aeaab2c25f17
SHA1

ac64ad6324ac4ccf079dfd4c8255d1cbf3175306
SHA256

5fa70a36cc2ac68dfe216e4007848b7e90722a82acc7ca1778780b7393b3f735
SHA512

d8b63bd73cd59f852723fdf58ea661a56bb1924746b8c4b0a9ca609cc02a532d51b3d51ccbcc798b6f734365377bbef1cf5bd706f7359f560386855ed14f7547

Score

9^/10

linux

Malware Config

Targets

- Target
  
  X86_64
- Size
  
  79KB
- MD5
  
  28007c7ac1c6c2880279aeaab2c25f17
- SHA1
  
  ac64ad6324ac4ccf079dfd4c8255d1cbf3175306
- SHA256
  
  5fa70a36cc2ac68dfe216e4007848b7e90722a82acc7ca1778780b7393b3f735
- SHA512
  
  d8b63bd73cd59f852723fdf58ea661a56bb1924746b8c4b0a9ca609cc02a532d51b3d51ccbcc798b6f734365377bbef1cf5bd706f7359f560386855ed14f7547
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3