General
-
Target
b092e21167ce43529ffcad39416943897fea39e9f159da46ab6762b09f15e575
-
Size
156KB
-
Sample
220521-qa8qvahba7
-
MD5
0956ffd3fa747c3179b8be81da0fea9f
-
SHA1
526e3202ac245cc8c7a69bf281254055dd7bbbe8
-
SHA256
b092e21167ce43529ffcad39416943897fea39e9f159da46ab6762b09f15e575
-
SHA512
215f1c72d8ad265956faaf1548a9cfa5a203f9538829b38407b18bd87ab6b905767fbe8f58ea5a2c677e722c21971f7052c1b1c1905e45413f02ac1a3db2ee8f
Malware Config
Targets
-
-
Target
b092e21167ce43529ffcad39416943897fea39e9f159da46ab6762b09f15e575
-
Size
156KB
-
MD5
0956ffd3fa747c3179b8be81da0fea9f
-
SHA1
526e3202ac245cc8c7a69bf281254055dd7bbbe8
-
SHA256
b092e21167ce43529ffcad39416943897fea39e9f159da46ab6762b09f15e575
-
SHA512
215f1c72d8ad265956faaf1548a9cfa5a203f9538829b38407b18bd87ab6b905767fbe8f58ea5a2c677e722c21971f7052c1b1c1905e45413f02ac1a3db2ee8f
Score9/10-
Contacts a large (18881) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-