General
-
Target
6d7efdea9f57f89486dcfa24fc08e9e52b5e868969105a9d808b852a3824c12e
-
Size
31KB
-
Sample
220521-p56djabhem
-
MD5
315713db1fe3c0d14f0768046463dc8e
-
SHA1
0f32dd3291a1239a0575bd69b946a059d31d622c
-
SHA256
6d7efdea9f57f89486dcfa24fc08e9e52b5e868969105a9d808b852a3824c12e
-
SHA512
ed5968df64a82181cd37899b4f4808a0b34a0373c106681ab10e549ef74f704c4abb22f4a6ef6439c59047258bb7b9160d901d2e38f7e9a4ad88a6edf68790e4
Static task
static1
Behavioral task
behavioral1
Sample
6d7efdea9f57f89486dcfa24fc08e9e52b5e868969105a9d808b852a3824c12e
Resource
debian9-mipsbe-en-20211208
Malware Config
Targets
-
Score
9/10
-
Contacts a large (20764) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-