Overview

overview

10

Static

static

10

80e6680763...2c.elf

ubuntu-22.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    80e66807631cac8a5414bd6de6cc06f672b872dc040725a9ccbb092437f7e22c.elf

  • Size

    111KB

  • Sample

    240702-b291navgpr

  • MD5

    0689c812b0e267315832ac7d823c77e5

  • SHA1

    d9f0bcb4545200c699d8c8733e701c1fd2489722

  • SHA256

    80e66807631cac8a5414bd6de6cc06f672b872dc040725a9ccbb092437f7e22c

  • SHA512

    405514e56a9b4b0ecac0250bc966cce4e9058cb91e2f5721889d9af8d5f6b0f9b0d82eaf3b47eb30a55747924bd1c0ab5270ace4c2a1cf284c054456b7e6d0f7

  • SSDEEP

    3072:Q9oAhOnQNDQt4xEtQu3fWUBn9emFK0AYFrku:RAhOnQN02bUB9emFK0AYFrku

Score
10/10
gafgytlinux

Malware Config

Targets

    • Target

      80e66807631cac8a5414bd6de6cc06f672b872dc040725a9ccbb092437f7e22c.elf

    • Size

      111KB

    • MD5

      0689c812b0e267315832ac7d823c77e5

    • SHA1

      d9f0bcb4545200c699d8c8733e701c1fd2489722

    • SHA256

      80e66807631cac8a5414bd6de6cc06f672b872dc040725a9ccbb092437f7e22c

    • SHA512

      405514e56a9b4b0ecac0250bc966cce4e9058cb91e2f5721889d9af8d5f6b0f9b0d82eaf3b47eb30a55747924bd1c0ab5270ace4c2a1cf284c054456b7e6d0f7

    • SSDEEP

      3072:Q9oAhOnQNDQt4xEtQu3fWUBn9emFK0AYFrku:RAhOnQN02bUB9emFK0AYFrku

    Score
    7/10

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

1
T1562

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks