General
Target: de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
Size: 87KB
Sample: 220521-xplyysccc6
MD5: 530c13e5b48b598d9a9194e8d86f403f
SHA1: 903786914dedeb06b8d470c07a51833e342b8e4b
SHA256: de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
SHA512: b3530d88474ce22d96bbdde90086157d09cd215831af32a0c7a6b60ff05ce281cbf797142182f1c083f32121be7cae0659eee950cca77861f4b51f511cc2ea72
Static task: static1
Behavioral task: behavioral1
Sample: de073fc0db5b66cb020609be0f15e332e69450c07404b4f5a72a4befed8b8453
Resource: debian9-mipsbe-en-20211208
Malware Config
Targets
Score: 9/10

Contacts a large (20207) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.

Reads runtime system information
Reads data from /proc virtual filesystem.