General
-
Target
edaa8fec57c3365a78a0ab6e5a4aca37b6443df5b128e9b687c09739e5833093
-
Size
39KB
-
Sample
220521-xpfryaccb6
-
MD5
a0dcc20f4d699d1b9f4061a41c23be53
-
SHA1
e13af129f5f3c13aeba8c8724fd63335bfb43cca
-
SHA256
edaa8fec57c3365a78a0ab6e5a4aca37b6443df5b128e9b687c09739e5833093
-
SHA512
bbb35a949efb49621f84807c3da136cc7b19a45a23a2760f0c5ea0571b057ecf56c8bcfa9d12a4e85b2a1910fafdd6e499d93bf7ef437b92501f13655035a7fc
Static task
static1
Behavioral task
behavioral1
Sample
edaa8fec57c3365a78a0ab6e5a4aca37b6443df5b128e9b687c09739e5833093
Resource
debian9-mipsbe-en-20211208
Malware Config
Targets
-
-
Target
edaa8fec57c3365a78a0ab6e5a4aca37b6443df5b128e9b687c09739e5833093
-
Size
39KB
-
MD5
a0dcc20f4d699d1b9f4061a41c23be53
-
SHA1
e13af129f5f3c13aeba8c8724fd63335bfb43cca
-
SHA256
edaa8fec57c3365a78a0ab6e5a4aca37b6443df5b128e9b687c09739e5833093
-
SHA512
bbb35a949efb49621f84807c3da136cc7b19a45a23a2760f0c5ea0571b057ecf56c8bcfa9d12a4e85b2a1910fafdd6e499d93bf7ef437b92501f13655035a7fc
Score9/10-
Contacts a large (88498) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-