General
-
Target
3ef9b8f914d71750f0c118ce53c261d0369a4b53c4e0fd30f40b3a5137bfe73d
-
Size
87KB
-
Sample
220521-p6xg1sggd8
-
MD5
4a66067262242f7620e099a2371574e2
-
SHA1
e3865281354db741c992f2259b6810955443d5c9
-
SHA256
3ef9b8f914d71750f0c118ce53c261d0369a4b53c4e0fd30f40b3a5137bfe73d
-
SHA512
082dcdd52ecea3d46dcd326420bfc85a1c5f0b857896a5e0d65aab54e1e68a5177bb74cb0782d754e1bfdbf98eadd0445cfd8cafd1a5ad4e6cf7b1430c95818f
Static task
static1
Behavioral task
behavioral1
Sample
3ef9b8f914d71750f0c118ce53c261d0369a4b53c4e0fd30f40b3a5137bfe73d
Resource
debian9-mipsbe-en-20211208
Malware Config
Targets
-
-
Target
3ef9b8f914d71750f0c118ce53c261d0369a4b53c4e0fd30f40b3a5137bfe73d
-
Size
87KB
-
MD5
4a66067262242f7620e099a2371574e2
-
SHA1
e3865281354db741c992f2259b6810955443d5c9
-
SHA256
3ef9b8f914d71750f0c118ce53c261d0369a4b53c4e0fd30f40b3a5137bfe73d
-
SHA512
082dcdd52ecea3d46dcd326420bfc85a1c5f0b857896a5e0d65aab54e1e68a5177bb74cb0782d754e1bfdbf98eadd0445cfd8cafd1a5ad4e6cf7b1430c95818f
Score9/10-
Contacts a large (20430) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-