General
-
Target
z0r0.arm7
-
Size
54KB
-
Sample
211205-xgyb1sffb5
-
MD5
5e58fc8ba578c41a8c563e885e6efb0f
-
SHA1
625f25720957da07dc3cea31c491f6be3c3d1d91
-
SHA256
de0e4338b169b5aa1852305a6810384fd85f7d62567bf918f7be79c7e2012565
-
SHA512
821101f6c49e3964c4f08af7e81b69aaa01e4fe34f8936446f7aae8581976e9072a48f5536dd6e3cfe54eedb1eb20e4934d4cb2157473417009e6e4c10c26b91
Static task
static1
Behavioral task
behavioral1
Sample
z0r0.arm7
Resource
debian9-armhf-en-20211025
Malware Config
Targets
-
-
Target
z0r0.arm7
-
Size
54KB
-
MD5
5e58fc8ba578c41a8c563e885e6efb0f
-
SHA1
625f25720957da07dc3cea31c491f6be3c3d1d91
-
SHA256
de0e4338b169b5aa1852305a6810384fd85f7d62567bf918f7be79c7e2012565
-
SHA512
821101f6c49e3964c4f08af7e81b69aaa01e4fe34f8936446f7aae8581976e9072a48f5536dd6e3cfe54eedb1eb20e4934d4cb2157473417009e6e4c10c26b91
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-