General
-
Target
5d377df2e425b80d10d6aa6edb204ad9
-
Size
30KB
-
Sample
211205-z7bbaafga9
-
MD5
5d377df2e425b80d10d6aa6edb204ad9
-
SHA1
fa7b5bc8d56da4a6d7b532a905cb8a84c003ff97
-
SHA256
4976e24dd32d66ac356cef62e381057f5eaeec92cfa3b8af4ad0aa4e3119f228
-
SHA512
1f090d59729d3bf4449a4b9d8c9d54b839e4922a795184b50e8c8b28035708f0e08b9397bf68a6f8463c330bb45b6eca1077fbc6c79e57bb8628165f2d83091b
Static task
static1
Behavioral task
behavioral1
Sample
5d377df2e425b80d10d6aa6edb204ad9
Resource
ubuntu1804-amd64-en-20211025
Behavioral task
behavioral2
Sample
5d377df2e425b80d10d6aa6edb204ad9
Resource
debian9-mipsel-en-20211025
Behavioral task
behavioral3
Sample
5d377df2e425b80d10d6aa6edb204ad9
Resource
debian9-mipsbe-en-20211025
Behavioral task
behavioral4
Sample
5d377df2e425b80d10d6aa6edb204ad9
Resource
debian9-armhf-en-20211025
Malware Config
Targets
-
Target
5d377df2e425b80d10d6aa6edb204ad9
-
Score
9/10
-
Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-