General
-
Target
038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
-
Size
30KB
-
Sample
220521-xq8jcacdd6
-
MD5
5d5abd94f970f6a72658d087baa9701d
-
SHA1
fb691c535d1d120cc4ce0867374fb3c846c2c0ad
-
SHA256
038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
-
SHA512
49faaf5a8320155e0e1509466d8064c917aa7ed7ac26807635bf88200ccd61cd1c397e3afea15f9f296e0fb8a83e28f701d7e12678866b1dcdc9f7e5e9b11291
Static task
static1
Behavioral task
behavioral1
Sample
038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
Resource
debian9-mipsbe-en-20211208
Malware Config
Targets
-
-
Target
038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
-
Size
30KB
-
MD5
5d5abd94f970f6a72658d087baa9701d
-
SHA1
fb691c535d1d120cc4ce0867374fb3c846c2c0ad
-
SHA256
038b0610a27b8e34d313fc666ac07cb0f0b342ea1025ffdaf8c6697dddde0380
-
SHA512
49faaf5a8320155e0e1509466d8064c917aa7ed7ac26807635bf88200ccd61cd1c397e3afea15f9f296e0fb8a83e28f701d7e12678866b1dcdc9f7e5e9b11291
Score9/10-
Contacts a large (18207) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-