General
-
Target
ak.mpsl-20220923-0709.elf
-
Size
37KB
-
Sample
220923-hzdb8shdfj
-
MD5
fdba94434e54cb58b2de87567630f1b8
-
SHA1
600519dd3841e247269bbe096b80a02cf2c26209
-
SHA256
2ce5bb314aea583de629b0cfc3e0b8b29df6790f7b819f8fc4ef9019f38e51b0
-
SHA512
fb08df4703414b71832dda77b30e254b800d68a1deb93c32ad68b7d6eb29683c7d90ce7f71722280c6ca70e40c15287c9fe18e5ac70a734c24914286524fcefd
-
SSDEEP
768:Xk9Hnr7+LtW0x9IYBXrf0cN4rWewXdbLQw+y+nBa02uWoA:01nrOt5xr4rWeSdfQXymBaL
Malware Config
Targets
-
-
Target
ak.mpsl-20220923-0709.elf
-
Size
37KB
-
MD5
fdba94434e54cb58b2de87567630f1b8
-
SHA1
600519dd3841e247269bbe096b80a02cf2c26209
-
SHA256
2ce5bb314aea583de629b0cfc3e0b8b29df6790f7b819f8fc4ef9019f38e51b0
-
SHA512
fb08df4703414b71832dda77b30e254b800d68a1deb93c32ad68b7d6eb29683c7d90ce7f71722280c6ca70e40c15287c9fe18e5ac70a734c24914286524fcefd
-
SSDEEP
768:Xk9Hnr7+LtW0x9IYBXrf0cN4rWewXdbLQw+y+nBa02uWoA:01nrOt5xr4rWeSdfQXymBaL
Score9/10-
Contacts a large (46064) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-