General
Target: ak.mips-20220923-0709.elf
Size: 36KB
Sample: 220923-hzdb8sddg3
MD5: fe156e724cffb0dd7cf53affd411e990
SHA1: 9fc93f6bb21c90c79c2ade25ed2f7c653ed2febe
SHA256: 153b00b7bec668d7867254c59105f57fcdaa9e623d08640340d355d9501a41c5
SHA512: fb66f466805215eb22acaf7ea27623ad3feda797e027387412b45886fac12d340df0c52c2c394d28501f27ec1b39dbcdd3909d470ab1265336aec436054c8a59
SSDEEP: 768:NZrqjE5LzVm1g5G4tTJ9XBTZW6eW8EciLAqmdrmLu3DGJgGlzDpbuR1JC:7uEEgxl75sg8ECqmIYDyVJug
Static task: static1
Behavioral task: behavioral1
Sample: ak.mips-20220923-0709.elf
Resource: debian9-mipsbe-en-20211208
Malware Config
Targets
Score: 9/10

Contacts a large (45751) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.