General
Target: 8550e96dd843997d2625c2fa51660266bf454d85653e0085b3bb1f0c923b0900
Size: 52KB
Sample: 220521-xm9x1acbc5
MD5: 080baf91f10af767f7c8fcb70a30a90b
SHA1: bc03b9f9757454a3b985cb27716847ce9bd84332
SHA256: 8550e96dd843997d2625c2fa51660266bf454d85653e0085b3bb1f0c923b0900
SHA512: 23db1efdbf47a781229a957f1f7b5d76e733b6cdea10a7769eff2c94d6ab3ebd889903c25988ea907e740dfe91e75bc339d59f75ac558aceb8bfc2a7c06fd163
Static task: static1
Behavioral task: behavioral1
Sample: 8550e96dd843997d2625c2fa51660266bf454d85653e0085b3bb1f0c923b0900
Resource: debian9-armhf-en-20211208
Malware Config
Targets
Target: 8550e96dd843997d2625c2fa51660266bf454d85653e0085b3bb1f0c923b0900
Score: 9/10
- Contacts a large (18867) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Write file to user bin folder
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.