General
Target: 6afe8e2d34a9d246a441fd8ec98790f9
Size: 38KB
Sample: 210727-a3znwlba9j
MD5: 6afe8e2d34a9d246a441fd8ec98790f9
SHA1: f2b892e94a9b82ced759ac9b17a16cc575cbaae6
SHA256: 5706673bd610b28324bf042be367bba2f04d5b6f1efe310a51d018295f317249
SHA512: 39cbf102bf3b42bbeefc15402450e8b909b912648c4be1ce545b076bedc4f9b9052d02f21af8d76544cf2c1b8f68fed6598dcf5fd4790242dcd76eb6eaf6dde8
Static task: static1
Behavioral task: behavioral1
Sample: 6afe8e2d34a9d246a441fd8ec98790f9
Resource: debian9-mipsel
Malware Config
Targets
Target: 6afe8e2d34a9d246a441fd8ec98790f9
Score: 9/10

Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

Writes file to system bin folder

Enumerates active TCP sockets
Gets active TCP sockets from the /proc virtual filesystem.

Reads system network configuration
Uses contents of the /proc filesystem to enumerate network settings.

Reads runtime system information
Reads data from the /proc virtual filesystem.