General
-
Target
028c23d416e397388905270a5f7c3fba.elf
-
Size
31KB
-
Sample
221102-m8jmtscagk
-
MD5
028c23d416e397388905270a5f7c3fba
-
SHA1
cfc94c079460c0028b62f64afe34f99d2143d938
-
SHA256
34e707a8a88eb78f389f5dafb64fe57f4918bbad38eac9b2d046ce21069d57ac
-
SHA512
6c16705f7811dcaf908f8ac95a60d7e71e7e928f8c5e3dd1b2d10da2bb34b1e75c86636b130cb456b7698c5152c186387eb390b232d6e5d06c64e56fc244de0c
-
SSDEEP
384:wn6Ppdqf3I54hJulN7s1kNYTA/fKiFs4V9B6f8Oj0bCwFtNKpugmAlXH3633zNRx:u4YuDs1kNJ/fKiFUf8OGCgGzCbWw
Static task
static1
Behavioral task
behavioral1
Sample
028c23d416e397388905270a5f7c3fba.elf
Resource
debian9-mipsel-en-20211208
Malware Config
Targets
-
-
Target
028c23d416e397388905270a5f7c3fba.elf
Score
9/10
-
Contacts a large (20360) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-