General
-
Target
notabotnet.arm7
-
Size
151KB
-
Sample
220806-fqwfcaddc3
-
MD5
26bc343787a39764319500a7d401f49e
-
SHA1
5fbd7f801b46b937061f5dac05045ad77b9c69e0
-
SHA256
5d67ed8dc66c000ce4fa73b11c9f13a66fd9633077850d94110261c52b1927ed
-
SHA512
0bb956da3f7aaf6e40c113f5a3e53ddd72b654c425d9994d67f8ea9ba04f019df9e8f9aa0af3310222865dea44ebf417d1f5aa5006c7a01c73d127c32369c92a
Behavioral task
behavioral1
Sample
notabotnet.arm7
Resource
debian9-armhf-en-20211208
Malware Config
Targets
-
-
Target
notabotnet.arm7
-
Size
151KB
-
MD5
26bc343787a39764319500a7d401f49e
-
SHA1
5fbd7f801b46b937061f5dac05045ad77b9c69e0
-
SHA256
5d67ed8dc66c000ce4fa73b11c9f13a66fd9633077850d94110261c52b1927ed
-
SHA512
0bb956da3f7aaf6e40c113f5a3e53ddd72b654c425d9994d67f8ea9ba04f019df9e8f9aa0af3310222865dea44ebf417d1f5aa5006c7a01c73d127c32369c92a
Score9/10-
Contacts a large (98027) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-