General
Target
6672b101c7d8b0604bd070240d48256903a59103a4f20ee3fea0adc0655abdb1
Size
86KB
Sample
220521-p6acgsbher
MD5
b436df8e24241af7b9619abfeacc0a67
SHA1
8e14cec59bd9bf185dc5132d32a87e9ddb963541
SHA256
6672b101c7d8b0604bd070240d48256903a59103a4f20ee3fea0adc0655abdb1
SHA512
7e3c29ba35a233a76270e81c5f19b9b5a279e03e9a3fb08643dc67846e4c16d71bc589e71d186daea38d43ff5e58efb47c57b90902ce84a9931f6aa9b23f1eff
Static task
static1
Behavioral task
behavioral1
Sample
6672b101c7d8b0604bd070240d48256903a59103a4f20ee3fea0adc0655abdb1
Resource
debian9-mipsel-en-20211208
Malware Config
Targets
Target
6672b101c7d8b0604bd070240d48256903a59103a4f20ee3fea0adc0655abdb1
Score 9/10
Contacts a large (20099) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-