b60ad90687871ae94e2b33cf2320f523ee614893215335dc5958a6a705488330 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

2be087e542...79.elf

ubuntu-22.04-amd64

7

Sharing

General

Target

2be087e54204a6c395e05516c53fd579.elf
Size

5.1MB
Sample

240702-s7l98atepp
MD5

2be087e54204a6c395e05516c53fd579
SHA1

3bdad143cd168a2015aba2053e53f99a24d52ace
SHA256

b60ad90687871ae94e2b33cf2320f523ee614893215335dc5958a6a705488330
SHA512

2ab629a5f9637c7026069e5cc7b473968290b8eb42158dc93c46613d2b4b0ef39149f158b71dda8b2c8bbbebd58ba28cf5437fc0d083fca37deb84423a769db8
SSDEEP

49152:YB9Em2vjYVfh5jw9aF8k4yHwXrD3LwJKiCb85E6l9HblTLEGdvIRKnuI:QDVf/Y4jMrDr8E+rvuK1

Score

7^/10

linux persistence

Static task

static1

Behavioral task

behavioral1

Sample

2be087e54204a6c395e05516c53fd579.elf

Resource

ubuntu2204-amd64-20240611-en

ubuntu-22.04-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2be087e54204a6c395e05516c53fd579.elf
- Size
  
  5.1MB
- MD5
  
  2be087e54204a6c395e05516c53fd579
- SHA1
  
  3bdad143cd168a2015aba2053e53f99a24d52ace
- SHA256
  
  b60ad90687871ae94e2b33cf2320f523ee614893215335dc5958a6a705488330
- SHA512
  
  2ab629a5f9637c7026069e5cc7b473968290b8eb42158dc93c46613d2b4b0ef39149f158b71dda8b2c8bbbebd58ba28cf5437fc0d083fca37deb84423a769db8
- SSDEEP
  
  49152:YB9Em2vjYVfh5jw9aF8k4yHwXrD3LwJKiCb85E6l9HblTLEGdvIRKnuI:QDVf/Y4jMrDr8E+rvuK1
Score

7^/10

persistence
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Creates/modifies environment variables
  Creating/modifying environment variables is a common persistence mechanism.
  persistence
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
- Modifies Bash startup script
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Hijack Execution Flow

Boot or Logon Autostart Execution

Privilege Escalation

Hijack Execution Flow

Boot or Logon Autostart Execution

Defense Evasion

Impair Defenses

Hijack Execution Flow

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy