Analysis
max time kernel
8374s
max time network
152s
platform
linux_amd64
resource
ubuntu-amd64
submitted
23-02-2021 19:06
Static task
static1
Behavioral task
behavioral1
Sample
76ee7ff8a27e82cbba9da8d9c0e15b70
Resource
ubuntu-amd64
Behavioral task
behavioral2
Sample
76ee7ff8a27e82cbba9da8d9c0e15b70
Resource
debian9-mipsel
Behavioral task
behavioral3
Sample
76ee7ff8a27e82cbba9da8d9c0e15b70
Resource
debian9-mipsbe
General
Target
76ee7ff8a27e82cbba9da8d9c0e15b70
Size
67KB
MD5
76ee7ff8a27e82cbba9da8d9c0e15b70
SHA1
f7ad24f772a8c3632a3fa8c7bfebcf9647613bfe
SHA256
bf1483bbfa61945f4809fcf2c1233d263ecb7c3f1a2e29c819e59eea61fd831c
SHA512
ca2db3e7772cd9ad677d268766d8478385cce50878403a39803ce98eeb92f48a82ecea1ce7683a5652b17b6cdd1e189418c42848c2cd0a74e1eac4a663ede93b
Malware Config
Signatures
Modifies the Watchdog daemon 1 TTPs
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
Reads runtime system information 12 IoCs
Reads data from /proc virtual filesystem.