General
-
Target
loligang.mips
-
Size
87KB
-
Sample
210508-6cnc3v61ln
-
MD5
1d525662030f84350652a546b807f971
-
SHA1
bf27ab4f758e708cee00bc0ff04b31532d742ede
-
SHA256
cd6691aea67ec9cca45df0d52bd349598e9eba523991958db601676cb6141c64
-
SHA512
a6263383047ab45e1877b189f8776c285147bde324e3c07e63677ec30ebaad4a38df1bedad15b04d039afd37839d0b45a6d822d51bac84da8eaa5c89a46c7f55
Static task
static1
Behavioral task
behavioral1
Sample
loligang.mips
Resource
debian9-mipsbe
Malware Config
Targets
-
-
Target
loligang.mips
-
Size
87KB
-
MD5
1d525662030f84350652a546b807f971
-
SHA1
bf27ab4f758e708cee00bc0ff04b31532d742ede
-
SHA256
cd6691aea67ec9cca45df0d52bd349598e9eba523991958db601676cb6141c64
-
SHA512
a6263383047ab45e1877b189f8776c285147bde324e3c07e63677ec30ebaad4a38df1bedad15b04d039afd37839d0b45a6d822d51bac84da8eaa5c89a46c7f55
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-