General
-
Target
a3a0ca1807dc2ae6cf437b60700e59e3bc72c8bf40fddc771fb6a9d76bc04109
-
Size
38KB
-
Sample
220521-xp4trsfefq
-
MD5
47bc35db5ed75f0c70a45d97b6291717
-
SHA1
081d0d221f4a2af4f1efd0a51af6ff353c629805
-
SHA256
a3a0ca1807dc2ae6cf437b60700e59e3bc72c8bf40fddc771fb6a9d76bc04109
-
SHA512
70f76a1455bcb3c1fc82467e6f8a30389d97bb6fc1416c97bcdbaf5ec2e363640b72b5f9008ab6a98e407d4dfdc3d8bcc809a4f353d37718361aebc0fd73bcf0
Static task
static1
Behavioral task
behavioral1
Sample
a3a0ca1807dc2ae6cf437b60700e59e3bc72c8bf40fddc771fb6a9d76bc04109
Resource
debian9-mipsbe-en-20211208
Malware Config
Targets
-
-
Target
a3a0ca1807dc2ae6cf437b60700e59e3bc72c8bf40fddc771fb6a9d76bc04109
-
Score
9/10
-
Contacts a large (112297) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-