General
-
Target
3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
-
Size
161KB
-
Sample
220521-qchbnshbh3
-
MD5
39f476992589281f6b5a5a8cde2013b3
-
SHA1
1a73499d15d689023c30859c1d68acc7fc19f14f
-
SHA256
3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
-
SHA512
4ab8286c47815a3a10858bd0b2794329c9fba5b4d97f698f9c458d2c6296808db87254bca37faca8b1ce14f862fdf655e62370f88a1d1ef198441e4a8d7f320a
Behavioral task
behavioral1
Sample
3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
Resource
debian9-mipsel-en-20211208
Malware Config
Targets
-
-
Target
3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
-
Size
161KB
-
MD5
39f476992589281f6b5a5a8cde2013b3
-
SHA1
1a73499d15d689023c30859c1d68acc7fc19f14f
-
SHA256
3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
-
SHA512
4ab8286c47815a3a10858bd0b2794329c9fba5b4d97f698f9c458d2c6296808db87254bca37faca8b1ce14f862fdf655e62370f88a1d1ef198441e4a8d7f320a
Score9/10-
Contacts a large (19041) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-